G
Guest
Short Version:
How can I determine if the currently logged in user is a local administrator? & How can I add/remove a user to a group in C#? I want to add the currently logged in user to the local administrators group and then remove him/her later on.
Long Version:
I’m trying to write a login script that will install/update a piece of software on user’s computers. The problem that I’m running into is that the users don’t have administrative rights to their computers, so if they were to log in with this in their login script, it would fail. I tried using the runas command line utility, but it will not allow me to send the password argument via script (the user would be prompted for an administrative password). I then wrote a C# console application that took a username, password, domain and filename and would execute a process as that user. It is pretty much just like runas, but allows you to give it the password as an argument. (For security reasons, I’ll probably hard code the credentials into the executable.) This allows me to use elevated permissions to install most applications… one of the exceptions being the application that I need to install on users computers. The issue with this application is that it executes sub processes that need to run in the administrative context, but don’t inherit the administrative permissions that I give the parent process. I don’t have control of those sub processes, so I can’t call them with the new runas utility. I then decided that I could temporarily make the user an administrator while the software was installing. I figured that I could use the runas tool that I just created to call another C# application that would add the current user to the local admin group. Then I would install the software I initially wanted to install. On completion, the script would call another program that removes the current user from the admin group. My problem is that I don’t know how to add a user to a group in C# or how to check if the user is a local admin.
Here’s pseudo-code for what I’m trying to do…
IsAdmin = Is current user a local admin?
If Not isAdmin Then
Execute the new runas tool (that has administrative credentials hard coded into it) with another executable (that adds the current user to the local admin group) as an argument.
End If
Install software
If Not isAdmin Then
Execute the new runas tool (that has administrative credentials hard coded into it) with another executable (that removes the current user to the local admin group) as an argument.
End If
Thanks in advance for your help!
How can I determine if the currently logged in user is a local administrator? & How can I add/remove a user to a group in C#? I want to add the currently logged in user to the local administrators group and then remove him/her later on.
Long Version:
I’m trying to write a login script that will install/update a piece of software on user’s computers. The problem that I’m running into is that the users don’t have administrative rights to their computers, so if they were to log in with this in their login script, it would fail. I tried using the runas command line utility, but it will not allow me to send the password argument via script (the user would be prompted for an administrative password). I then wrote a C# console application that took a username, password, domain and filename and would execute a process as that user. It is pretty much just like runas, but allows you to give it the password as an argument. (For security reasons, I’ll probably hard code the credentials into the executable.) This allows me to use elevated permissions to install most applications… one of the exceptions being the application that I need to install on users computers. The issue with this application is that it executes sub processes that need to run in the administrative context, but don’t inherit the administrative permissions that I give the parent process. I don’t have control of those sub processes, so I can’t call them with the new runas utility. I then decided that I could temporarily make the user an administrator while the software was installing. I figured that I could use the runas tool that I just created to call another C# application that would add the current user to the local admin group. Then I would install the software I initially wanted to install. On completion, the script would call another program that removes the current user from the admin group. My problem is that I don’t know how to add a user to a group in C# or how to check if the user is a local admin.
Here’s pseudo-code for what I’m trying to do…
IsAdmin = Is current user a local admin?
If Not isAdmin Then
Execute the new runas tool (that has administrative credentials hard coded into it) with another executable (that adds the current user to the local admin group) as an argument.
End If
Install software
If Not isAdmin Then
Execute the new runas tool (that has administrative credentials hard coded into it) with another executable (that removes the current user to the local admin group) as an argument.
End If
Thanks in advance for your help!