Jeg har lavet en consol applikation som laver nogle ændringer i registrerings databasen. Det kører fint når jeg selv er logget på som administrator, men når brugerne er logget på med deres konto som ikke har admin rettigheder, heller ikke lokale administrator rettigheder, så kører programmet ikke, da de ikke kan skrive i registrerings db.
Er det muligt at programmere app. så consolen bliver kørt med admin rettigheder? Jeg har jo passwordet, så det er ikke her problemet ligger.
Public Class RunAs_Impersonator #Region "Private Variables and Enum Constants" Private tokenHandle As New IntPtr(0) Private dupeTokenHandle As New IntPtr(0) Private impersonatedUser As WindowsImpersonationContext #End Region #Region "Properties"
#End Region #Region "Public Methods" Public Declare Auto Function CloseHandle Lib "kernel32.dll" (ByVal handle As IntPtr) As Boolean
Public Declare Auto Function DuplicateToken Lib "advapi32.dll" (ByVal ExistingTokenHandle As IntPtr, _ ByVal SECURITY_IMPERSONATION_LEVEL As Integer, _ ByRef DuplicateTokenHandle As IntPtr) As Boolean
' Test harness. ' If you incorporate this code into a DLL, be sure to demand FullTrust. <PermissionSetAttribute(SecurityAction.Demand, Name:="FullTrust")> _ Public Sub ImpersonateStart(ByVal Domain As String, ByVal userName As String, ByVal Password As String) Try tokenHandle = IntPtr.Zero ' Call LogonUser to obtain a handle to an access token. Dim returnValue As Boolean = LogonUser(userName, Domain, Password, 2, 0, tokenHandle)
'check if logon successful If returnValue = False Then Dim ret As Integer = Marshal.GetLastWin32Error() Console.WriteLine("LogonUser failed with error code : {0}", ret) Throw New System.ComponentModel.Win32Exception(ret) Exit Sub End If
'Logon succeeded
' Use the token handle returned by LogonUser. Dim newId As New WindowsIdentity(tokenHandle) impersonatedUser = newId.Impersonate() Catch ex As Exception Throw ex Exit Sub End Try 'MsgBox("running as " & impersonatedUser.ToString & " -- " & WindowsIdentity.GetCurrent.Name) End Sub <PermissionSetAttribute(SecurityAction.Demand, Name:="FullTrust")> _ Public Sub ImpersonateStop() ' Stop impersonating the user. impersonatedUser.Undo()
' Free the tokens. If Not System.IntPtr.op_Equality(tokenHandle, IntPtr.Zero) Then CloseHandle(tokenHandle) End If 'MsgBox("running as " & Environment.UserName) End Sub #End Region #Region "Private Methods" Private Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUsername As [String], _ ByVal lpszDomain As [String], ByVal lpszPassword As [String], _ ByVal dwLogonType As Integer, ByVal dwLogonProvider As Integer, _ ByRef phToken As IntPtr) As Boolean
<DllImport("kernel32.dll")> _ Public Shared Function FormatMessage(ByVal dwFlags As Integer, ByRef lpSource As IntPtr, _ ByVal dwMessageId As Integer, ByVal dwLanguageId As Integer, ByRef lpBuffer As [String], _ ByVal nSize As Integer, ByRef Arguments As IntPtr) As Integer End Function #End Region End Class
og i selve consol app:
Sub Main() Dim imp As New RunAs_Impersonator Try imp.ImpersonateStart(domain, username, password) 'creates new context using token for user
'Din kode som skal køres med administrator rettigheder skrives her
imp.ImpersonateStop() Catch ex As Exception 'make sure impersonation is stopped whether code succeeds or not MsgBox(ex.Message) imp.ImpersonateStop() End Try End Sub
Synes godt om
Ny brugerNybegynder
Din løsning...
Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.