0

I am running a winforms application with elevated user rights (emulated Run As as a different domain administrator account), however I want to start a sub process of opening a webbrowser to a URL with the currently logged on user rights as opposed to elevated rights without having to prompt them for their password and logon information so it properly handshakes NTLM with the currently logged on user permissions.

I have tried something like:

// I have the USER NAME, this is not the issue
// I have the Domain, this is not the issue

// I need to grab the Password from the currently logged on user 
// without prompting for it

System.Security.SecureString oPass = new System.Security.SecureString();
System.Diagnostics.Process.Start("IExplore.exe"
   , this.oConfiguration.WrappersURL
   , this.WindowsUserID
   , oPass
   , this.DomainName
  );

..but I am not quite sure how to grab the user's password. Any ideas of how to reduce rights of the spawned process to the logged on user that is W7 and XP compatible?

Dave
  • 1,823
  • 2
  • 16
  • 26
  • 1
    is this web or windows application..? have you looked at trying this `string userName = System.Security.Principal.WindowsIdentity.GetCurrent().Name;` – MethodMan Mar 19 '13 at 21:17
  • You will not be able to get user's password - i.e. because it it is not stored anywhere... Can you please clarify if "elevated" means "different user with admin rights" or "same admin user, but with elevated rights (due to UAC)" – Alexei Levenkov Mar 19 '13 at 21:28
  • Application is running as a different local administrative user account with admin rights, and I want to spawn a process using the currently logged on user account. – Dave Mar 20 '13 at 15:50
  • Are you familiar with `SSPI` if not I would recommend trying to implement something using that ..also I did something similar to what's on this site it's too much code to post but you can look at it and try it as well http://www.codinghorror.com/blog/2004/11/processstart-and-impersonation.html the only other option would be to do Impersonation and if you are wanting to track the user..user this `var userNameSplit = System.Security.Principal.WindowsIdentity.GetCurrent().Name.Split('\\');` to store the current user prior to calling Impersonate functionality does that make sense – MethodMan Mar 20 '13 at 18:12
  • possible duplicate of [How do you de-elevate privileges for a child process](http://stackoverflow.com/questions/1173630/how-do-you-de-elevate-privileges-for-a-child-process) – David Heffernan Mar 20 '13 at 19:10

3 Answers3

0

Get the current user and start it this way: 

ProcessStartInfo startInfo = new ProcessStartInfo();
startInfo.UserName = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
Process.Start(startInfo);
Alex
  • 2,342
  • 1
  • 18
  • 30
0

You want to get the DomainName and UserName do the following

EDIT:

var userNameSplit = System.Security.Principal.WindowsIdentity.GetCurrent().Name.Split('\\');
var userDomain = userNameSplit[0];
var userName = userNameSplit[1];
MethodMan
  • 18,625
  • 6
  • 34
  • 52
  • No i have the username and domain name, just not the user password – Dave Mar 20 '13 at 17:53
  • you would not know the users password sounds like you may still need to prompt for user password..Let me check something on my end I've done something like this before I will update my answer in a few let me find my code that I used a few months back to do the same thing – MethodMan Mar 20 '13 at 18:04
  • In my original question, I specifically said, ..."without having to prompt them for their password and logon information". – Dave Oct 27 '13 at 21:42
0

It appears there is not a way to do this in windows, so I ended up working around this dilemma by doing the following:

  1. Spawn a controller process under the current user.
  2. Spawn the task process under the currently logged in user.
  3. Spawn another task process and elevate it's rights to an administrative account.
  4. Use the controller process to manage/signal the two task processes (which are identical except for credentials).
  5. In some cases have the user process initialize running a program application, then have the administrative task direct that applications work.

Ugly, hackish, and a bit convoluted but such is enterprise security :D

Dave
  • 1,823
  • 2
  • 16
  • 26