2

How can I implement runas /noprofile /netonly /user:@ using C#.

System.Diagnostics.ProcessStartInfo have fields like user, domain, password, verb (where we can use runas) but how to set netonly. Using the Cmd it doesnot need a token but while using diagnostics a token is being requested due to which security error "{"The security database on the server does not have a computer account for this workstation trust relationship"}" occurs, as my system is not a trusted partner in that domain. In Cmd no such problem is faced.I want to use UI for entering user info. As my system is not a trusted partner I can't use Impersonation.

user1675935
  • 121
  • 2
  • 11
  • Some years ago, I've written [a small impersonation class](http://www.codeproject.com/Articles/10090/A-small-C-Class-for-impersonating-a-User) that might be helpful for your requirement. – Uwe Keim Oct 01 '12 at 06:18
  • To use impersonation PC should be a trusted partner of the domain and mine is not a trusted system so, I can't use Impersonation. The same exception is thrown while using impersonation. – user1675935 Oct 01 '12 at 06:22

1 Answers1

2

You have tried executing the new process with the runas verb with ProcessStartInfo. But that's not the same as executing the runas process from the command prompt.

So the simple way to replicate what you do at the command prompt is to execute the runas program passing all the parameters, just as you do from the command prompt.

Process.Start("runas.exe", "/noprofile /netonly ......");

I don't understand the nuances of what you are attempting. However, if running through cmd does exactly what you need then you can do just that:

Process.Start("cmd.exe", "/c runas /noprofile /netonly ......");
David Heffernan
  • 601,492
  • 42
  • 1,072
  • 1,490
  • Process.Start("runas.exe", " /noprofile /netonly /user: " + Application.StartupPath + filename); Popup of Cmd comes and goes without taking an input(Password). – user1675935 Oct 01 '12 at 06:36
  • 1
    You may need to wrap the path in quotes if it contains spaces – David Heffernan Oct 01 '12 at 07:05
  • 1
    You could also try the ProcessStartInfo overload and set UseShellExecute to false. Although I can't see how that would make a difference. – David Heffernan Oct 01 '12 at 07:20
  • I have tried that too, it won't make a difference.I have set verb as 'runas' and loadProfile as false and specifying userid and password, shellExecute as false, same exception is thrown as before (Untrusted partner) i.e the process is using a user token while cmd is not using any token. – user1675935 Oct 01 '12 at 09:01
  • "I have set verb as 'runas'" Why did you do that? Anyway, did you wrap the path in quotes? Can to do some diagnostics for us and let us know what `"/noprofile /netonly /user: " + Application.StartupPath + filename"` evaluates to. – David Heffernan Oct 01 '12 at 09:26
  • http://stackoverflow.com/questions/12448972/starting-a-windows-service-on-remote-machine-in-different-domain – user1675935 Oct 01 '12 at 10:01
  • while running a program from cmd as c:/>runas /noprofile /netonly /user:@ then cmd will prompt you for password and the program will run as user of domain specified, i.e. will be able to access all services of the domain. when we impersonate(load a profile) a security token is alloted to that context and to get that token your PC should be in trusted lists of computers for that domain (As my pc is not in trusted list I can't get a token). By using cmd command no token is needed and the program will run as if it was running the same domain computer. – user1675935 Oct 01 '12 at 10:11
  • I don't understand the nuances here. If running through `cmd.exe` does the job then do exactly that. `Process.Start("cmd.exe", "/c runas /noprofile /netonly ......");` – David Heffernan Oct 01 '12 at 10:12
  • This have the same effect as using runas.exe instead of cmd.exe i.e it will prompt for password but the screen won't hold, so user can't give the password of the user specified. – user1675935 Oct 03 '12 at 03:54