Menu
I have a non-interactive service running as a the privileged SYSTEM user on Windows machines, and I need it to launch a given executable as an elevated process.
I have managed to launch a child process as SYSTEM, using WTSGetActiveConsoleSessionId(), finding a system process and duplicating it's token. Similarly, I can launch a non-elevated process as a regular user. But I need to launch the process as the regular user, but with elevated privileges - so that I don't have to show UAC, but the process is running as the appropriate user.
I am not trying to bypass UAC - since the user already agreed to installing the service. I am trying to mitigate an inconvenience. I have found a similar, unanswered question - but asked again in hope of maybe getting an answer.
430
On your desktop, right click and select New > Shortcut. Paste 'C:\Windows\System32\schtasks.exe /RUN /TN "Name of folder\Name of task" into the text box. This will create a link to your program that will automatically skip the prompt asking for permission to make changes to your computer.
Go to User Local Policies -> Security Options. On the right, scroll to the option User Account Control: Behavior of the elevation prompt for standard users. Double-click on this policy to change its value. Select the UAC behavior you want to set for standard user accounts.
If you have a filtered token for the interactive user - for example, one retrieved via WTSQueryUserToken() - you can retrieve the unfiltered ("elevated") token by using the GetTokenInformation function with the TokenLinkedToken option.
65
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
