Solved

Can a Windows Service launch an application with administrative privileges in Windows Vista?

Posted on 2010-08-27
10
744 Views
Last Modified: 2013-12-04
Hello Experts,

I've been reading around and trying all kinds of things to make my Windows Service launch another application (either by ShellExecute, ShellExecuteEx, or CreateProcess, etc.) with administrative privileges in Windows Vista.

It is unclear to me whether or not this is even possible.

Right now, I have it where the service launches the application, and in task manager the application's "User Name" says the name of an administrative account, but the application won't do what I want it to (specifically control the mouse by using the .NET Cursor.Position and invoke mouse_event() from user32.dll) unless I manually stop the application from task manager, right click on it in its folder and select "Run as administrator".

Is there a way to do this? Any way at all?

Thanks for your help!
0
Comment
Question by:ehensens
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 2

Expert Comment

by:Nol888
ID: 33546354
Using the ShellExecute function (http://msdn.microsoft.com/en-us/library/bb762153%28VS.85%29.aspx), and setting lpOperation to "runas" should do the trick.
0
 

Author Comment

by:ehensens
ID: 33546450
Thanks for your response,

I've already tried that. I'm pasting the exact code I used below. It did not launch the application at all. Could this be because I'm trying to launch the application from within a Windows Service?

Furthermore, I know that the application itself launches when I use CreateProcess(), it just doesn't launch with administrative privileges.

Any ideas?

HINSTANCE hInst = ShellExecute(NULL, _T("runas"), _T("theapplication.exe"), NULL, NULL, SW_HIDE);

Open in new window

0
 
LVL 2

Expert Comment

by:Nol888
ID: 33546523
Try fully qualifying the path to the application. In addition, record (somehow) the return value of ShellExecute. It'll help to determine the reason why the application doesn't launch. If I recall correctly, services are not allowed to interact with the desktop so perhaps the elevation prompt fails to activate.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:ehensens
ID: 33546727
Thanks for the advice.

Specifying the fully qualified path to the application did indeed make the Windows Service launch it, but it still did not have full administrative privileges.

I know this because it wouldn't control the mouse when it was launched by the Windows Service, but it did control the mouse when I manually ended it and started it up again as an administrator.

Any ideas?

Thanks!
0
 
LVL 2

Accepted Solution

by:
Nol888 earned 500 total points
ID: 33546834
I suspect the issue is that Windows Services and presumably processes launched by a Windows Service cannot interact with a user session, for security purposes. They run on a separate desktop.
0
 

Author Comment

by:ehensens
ID: 33546867
Thanks.

My guesses are starting to lean in that direction as well.

However, I would really like to know for sure.

Does anybody know of any Microsoft literature that says as much, or does anyone know for sure any other reason why this may not be possible?

I don't truly understand this concept of separate desktops, is there any way I can launch a process with administrative privileges on a different desktop (for instance, from the Windows Service desktop to the user's desktop)?

Any ideas at all?

Thanks!
0
 
LVL 2

Expert Comment

by:Nol888
ID: 33546895
On XP and earlier, I believe there's a way to allow interaction, some group policy. However, for good practice you should follow the Vista guidelines.

Here's a similar problem posted on stackoverflow: http://stackoverflow.com/questions/1369236/how-to-run-console-application-from-windows-service
0
 
LVL 9

Expert Comment

by:Subrat (C++ windows/Linux)
ID: 33555628
Have a look on  ImpersonateLoggedOnUser()
0
 

Author Comment

by:ehensens
ID: 33558423
Thanks Subrat2009, but the whole issue is that the administrative user is not logged on, so I cannot impersonate him.
0
 

Author Closing Comment

by:ehensens
ID: 33579985
Although I have not seen anything from Microsoft indicating that what I'm after is not possible, I suspect that this is indeed the case.
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article is a continuation of the C/C++ Visual Studio Express debugger series. Part 1 provided a quick start guide in using the debugger. Part 2 focused on additional topics in breakpoints. As your assignments become a little more …
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
The viewer will learn how to pass data into a function in C++. This is one step further in using functions. Instead of only printing text onto the console, the function will be able to perform calculations with argumentents given by the user.
The viewer will learn how to user default arguments when defining functions. This method of defining functions will be contrasted with the non-default-argument of defining functions.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question