locked
Starting a process with credentials vs RunAs command. RRS feed

  • Question

  • I am trying to parse data from netsh dhcp commands from my application which will run from remote client systems running windows xp/7. In order to do this, credentials must be passed. So I can currently get the correct data using the RunAs command. However when trying to do it programatically from vb.net it returns data as tho there were no credentials passed.

    p.StartInfo.RedirectStandardOutput = True
    
    p.StartInfo.RedirectStandardInput = True
    
    p.StartInfo.RedirectStandardError = True
    
    p.StartInfo.UseShellExecute = False
    
    p.StartInfo.FileName = "c:\windows\system32\netsh.exe"
    
    p.StartInfo.UserName = userName
    
    p.StartInfo.Password = securePass
    
    p.StartInfo.Domain = domain
    
    p.StartInfo.Arguments = "dhcp server 10.10.129.18 show scope"
    
    p.Start()
    
    
    
    MsgBox(p.StandardOutput.ReadToEnd())
    
    p.WaitForExit()
    
    

    So running this returns the same output as if I ran the netsh from a command prompt with invalid credentials. Passing all the same arguments to the RunAs command works fine.

    So I guess my question is, what's the difference in this code vs how the RunAs command works? Does the fact that you have to disable ShellExecute, in order to pass credentials, play a roll in this?


    • Edited by Nezoic Wednesday, September 14, 2011 2:58 PM
    Wednesday, September 14, 2011 2:57 PM

Answers

  • Good question, I don't have the answer to the specific question, but I have a few ideas you can try to get it working. 

         1. Set the p.StartInfo.Verb property

    p.StartInfo.Verb = "runas" 
    

         2.  See if turning off UAC affects the behavior, if it does then make your application UAC aware.

         3.  Try impersonation through the Windows API (This is a library project I created on code plex):  http://impersonation.codeplex.com/

    • Proposed as answer by Mark Liu-lxf Friday, September 16, 2011 7:14 AM
    • Marked as answer by Nezoic Wednesday, September 21, 2011 2:34 PM
    Wednesday, September 14, 2011 3:50 PM
  • hi,

    I'm afraid that something has led you to the run way.

    I'm sure that there must be no difference to connect to DHCP sever by using code or Runas command. there are somehing wrong with your code!

    You should know that the word "runas" has a function to promote the user privileges to the thread. And I can't find the same function to your code.

    By the way, what is the meaning of this code?

     

     p.StartInfo.Arguments = "dhcp server 10.10.192.20 scope " & ScopeIP & "show reservedip"
    
    


    I concern that the arguments to the server is different from you use RunAs commond, and would you like to let me konw the reason?

    I'm looking forward to your answer. 

    • Marked as answer by Nezoic Wednesday, September 21, 2011 2:34 PM
    Wednesday, September 21, 2011 2:10 AM

All replies

  • Good question, I don't have the answer to the specific question, but I have a few ideas you can try to get it working. 

         1. Set the p.StartInfo.Verb property

    p.StartInfo.Verb = "runas" 
    

         2.  See if turning off UAC affects the behavior, if it does then make your application UAC aware.

         3.  Try impersonation through the Windows API (This is a library project I created on code plex):  http://impersonation.codeplex.com/

    • Proposed as answer by Mark Liu-lxf Friday, September 16, 2011 7:14 AM
    • Marked as answer by Nezoic Wednesday, September 21, 2011 2:34 PM
    Wednesday, September 14, 2011 3:50 PM
  • Hi Nezoic,


    Thank you for your post.


    I think Bpell has given you the right direction. And I’d like to give your more information about this issue.


    The User Account Control (UAC) has been introduced in Windows Vista and Windows 7. It aims to improve the security of Microsoft Windows by limiting application software to standard user privileges until an administrator authorizes an increase or elevation. Based on your description, you want to use code to parse the remote data with credentials. There is no doubt that an administrator privileges will be needed to invoke the executable file. It is possible to invoke the UAC and lead to the issue.


    You can turn off the UAC easily by following the steps:
     http://windows.microsoft.com/en-US/windows-vista/Turn-User-Account-Control-on-or-off
    You can get more information with the link:
    http://msdn.microsoft.com/en-us/library/aa511445.aspx
    http://windows.microsoft.com/en-US/windows-vista/What-is-User-Account-Control


    If you have any concerns, please feel free to let me know.


    Mark lxf [MSFT]
    MSDN Community Support | Feedback to us
    Get or Request Code Sample from Microsoft
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Friday, September 16, 2011 7:13 AM
  •  

    I'm trying to understand what the actual working differences are between the process.start functions and the commandline - RunAs command. I'm passing the same admin credentials to both of them. RunAs works, process.start does not.

    UAC is not enabled.

         1. Set the p.StartInfo.Verb property

    p.StartInfo.Verb = "runas" 
    
    
    This does not apply, I'm not launching the runas command from my project, I'm launching it maually from a command prompt window. I'm primaryly launching the netsh command and defining the verb also has no affect.


    To clarify, I want to know why the following works.

    runas /noprofile /user:username@domain "netsh dhcp server 10.10.192.20 show scope"

    But the following code in VB.Net doesn't work, it returns access denied and cannot query the DHCP server, indicating it's not launching netsh as the admin account provided.

     Dim p As New Process
            p.StartInfo.UseShellExecute = False
            p.StartInfo.CreateNoWindow = True
            p.StartInfo.WindowStyle = ProcessWindowStyle.Hidden
            p.StartInfo.FileName = "c:\windows\system32\netsh.exe"
            p.StartInfo.Arguments = "dhcp server 10.10.192.20 scope " & ScopeIP & "show reservedip"
            p.StartInfo.RedirectStandardOutput = True
            p.StartInfo.RedirectStandardInput = True
            p.StartInfo.RedirectStandardError = True
            p.StartInfo.WorkingDirectory = "C:\"
            p.StartInfo.UserName = LoginForm1.txtUsernameAuthenticate.Text
            p.StartInfo.Domain = domain
            Dim secPass As New SecureString
            Dim pass As String = LoginForm1.txtPasswordAuthenticate.Text
            For Each c As Char In pass.ToCharArray
                System.Diagnostics.Debug.WriteLine(c)
                secPass.AppendChar(c)
            Next
    
            p.StartInfo.Password = secPass
            p.Start()

     

    • Edited by Nezoic Monday, September 19, 2011 2:17 PM
    Monday, September 19, 2011 2:09 PM
  • hi,

    I'm afraid that something has led you to the run way.

    I'm sure that there must be no difference to connect to DHCP sever by using code or Runas command. there are somehing wrong with your code!

    You should know that the word "runas" has a function to promote the user privileges to the thread. And I can't find the same function to your code.

    By the way, what is the meaning of this code?

     

     p.StartInfo.Arguments = "dhcp server 10.10.192.20 scope " & ScopeIP & "show reservedip"
    
    


    I concern that the arguments to the server is different from you use RunAs commond, and would you like to let me konw the reason?

    I'm looking forward to your answer. 

    • Marked as answer by Nezoic Wednesday, September 21, 2011 2:34 PM
    Wednesday, September 21, 2011 2:10 AM