Access to a mapped drive as a user

I have a program that launches elevated. From this program, I run other executables.

Now, by default, any process that I create will also run elevated. For some of the programs it starts, I want them to start non-elevated, as the standard user who is logged in.

The main elevated program runs under the user account of the logged-in user.

So this is what I tried:

    // Requires System.Diagnostics, System.Linq and System.Security.
    var psi = new ProcessStartInfo(Exe.GetExePath());
    psi.UseShellExecute = false;
    psi.RedirectStandardError = false;
    psi.RedirectStandardInput = false;
    psi.RedirectStandardOutput = false;
    psi.WorkingDirectory = Exe.Version.GetInstallPath();
    if (Exe.Elevated == false)
    {
        // Start the child under explicit credentials instead of inheriting the elevated token.
        psi.UserName = Global.Username;
        var pass = new SecureString();
        Global.Password.ToCharArray().ToList().ForEach(p => pass.AppendChar(p));
        psi.Password = pass;
    }
    Process = Process.Start(psi);

This works in that the launched program does not run elevated. However, at that point it loses access to all mapped network drives for some odd reason.

I even tried something like this, impersonating a Windows user from the launching application, and that does not work either.

So, I guess I'm wondering how I can get access back to these mapped drives (all applications run under the correct user).

1 answer

Under default UAC behavior, your elevated process runs in a different security context, so it should not have access to any of the mapped drives, and the same applies to any processes that you create from this process. You can test this simply by running an elevated command prompt in Windows; by default, you do not have access to the mapped drives of the non-elevated session.

For more information about this behavior and possible workarounds, see the related Super User questions (changing the configuration of the mapped drive, global registry changes, etc.).

If changing the UAC settings or recreating the mapping is not an option, a possible (albeit difficult) workaround could be to run your application non-elevated, wait until code that requires elevation is reached to start a second, elevated process, and then call back to the initial process (the one that runs in the security context with the mapped drives) to actually launch the new applications, using an IPC method of your choice (for example, WCF with named pipes).


Source: https://habr.com/ru/post/986195/
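
The callback workaround from the answer, sketched as an added example (not code from the question or the answer): the non-elevated instance acts as a launch broker and the elevated instance only sends it a request key. It assumes .NET Framework (the `NamedPipeServerStream` constructor that accepts a `PipeSecurity`) and uses a raw named pipe in place of WCF; the pipe name, the allowlist entry and the `LaunchBroker` class are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.IO.Pipes;
using System.Security.AccessControl;
using System.Security.Principal;

static class LaunchBroker
{
    const string PipeName = "example-launch-broker";   // hypothetical pipe name

    // Constructed allowlist: request key -> executable the broker may start.
    static readonly Dictionary<string, string> Allowed =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        { { "viewer", @"C:\Program Files\ExampleApp\viewer.exe" } };

    // Runs in the NON-elevated instance, whose logon session holds the mapped drives.
    public static void Serve()
    {
        // Only the current user's SID may open the pipe; the elevated token of the
        // same user carries that SID too, so the elevated instance can connect.
        var acl = new PipeSecurity();
        acl.AddAccessRule(new PipeAccessRule(WindowsIdentity.GetCurrent().User,
            PipeAccessRights.FullControl, AccessControlType.Allow));
        while (true)
        {
            using (var pipe = new NamedPipeServerStream(PipeName, PipeDirection.In, 1,
                       PipeTransmissionMode.Byte, PipeOptions.None, 0, 0, acl))
            using (var reader = new StreamReader(pipe))
            {
                pipe.WaitForConnection();
                string key = reader.ReadLine();
                string exe;
                // Never start a path taken from the pipe; accept known keys only.
                if (key == null || !Allowed.TryGetValue(key.Trim(), out exe))
                    continue;
                // The child inherits the broker's non-elevated token and drive mappings.
                Process.Start(new ProcessStartInfo(exe) { UseShellExecute = false });
            }
        }
    }

    // Called from the ELEVATED instance instead of Process.Start.
    public static void Request(string key)
    {
        using (var pipe = new NamedPipeClientStream(".", PipeName, PipeDirection.Out))
        {
            pipe.Connect(5000);   // milliseconds
            using (var writer = new StreamWriter(pipe)) writer.WriteLine(key);
        }
    }
}
```

Sending a key rather than a path or command line keeps the broker from becoming a general "run this for me" endpoint for anything else that can reach the pipe.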

