Using Windows Authentication with WMI and ASP.NET

  • Thread starter Brian Nicholson
  • Start date

Brian Nicholson

I'm building a test web application that, when run, will launch calc.exe on
my computer. It seems to work as it appears in Windows Task Manager;
however, the process doesn't actually pop up because it runs as ASPNET rather
than the user I want. When having to run ASP.NET as another user (e.g. when
doing AD queries), I was able to use IIS Windows Authentication and
impersonation. These are still enabled, but they don't seem to be helping.
Here is the method I'm using:

Sub test()

Dim objWMIService, objProcess
Dim strShell, objProgram, strComputer, strExe

strExe = "calc.exe"
' Input Box to get name of machine to run the process
strComputer = "RIC0001994"

' Connect to WMI
objWMIService = GetObject("winmgmts://" _
& strComputer & "/root/cimv2")
' Obtain the Win32_Process class of object.
objProcess = objWMIService.Get("Win32_Process")
objProgram = objProcess.Methods_( _
objProgram.CommandLine = strExe

'Execute the program now at the command line.
strShell = objWMIService.ExecMethod( _
"Win32_Process", "Create", objProgram)

End Sub


John Rivers

just guessing ...

- did you forget to turn off anonymous access for this page ?

- running as ASPNET in itself would not inhibit user interface
- sounds like it is inheriting the unattended process attribute from

- i have successfully used win32/pinvoke to temporarily impersonate
another user - that might help you

bruce barker

this will never work. iis and are services and do not have
access to the desktop. thus any application they start will also not
have access to desktop and can not create any windows. should
only spawn console apps.

-- bruce (

Brian Nicholson

All right -- well thanks for the help. I don't actually need to do that in
my application; I was just assuming that launching it under my account rather
than ASPNET would then open the window as a result; that wasn't my actual
goal. What I am really trying to do is figure out a way to start a process
using WMI under different user credentials. ASP.NET impersonation doesn't
seem to affect launching separate processes, so what's the best way to go
about doing this?

In the end, my final goal is something like this: an admin user will go to
the page and click a button that will connect to WMI and launch a batch file
(located in a shared folder) on a specified computer. This batch file will
then perform a task on the computer it runs on. You can see the problem --
as of now, the batch file is launched with the ASP.NET user which does not
have necessary permissions to perform the intended tasks. Ideally, the same
Windows Authentication used for ASP.NET apps could be used to launch this
batch file so it would have the permissions to perform the necessary

Thank you.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question