I have created a WPF application which needs to execute a command on the Windows command prompt. Therefore I have created the following code:
// The 'RunAs' indicates it needs to be elevated.
var process = Process.Start(new ProcessStartInfo(@"C:\Windows\System32\wevtutil.exe", commandArgs)
{
//Process will be started as admin
Verb = "runAs",
//Do not show the shell window
CreateNoWindow = true,
UseShellExecute = false,
RedirectStandardError = true,
RedirectStandardOutput = true,
RedirectStandardInput = true,
})
This command needs administrator privileges. Therefore I have added a manifest file which starts the WPF host with admin rights:
So far this solution works fine. I can start my WPF application, trigger an event by pressing a button and my process with this command prompt will be executed.
Now I want to add some files by drag & drop to my WPF client. Since my application is running with admin rights it is not possible to drag & drop files from Windows File Explorer into my application.
It is possible to drag & drop files with Total Commander, because Total Commander can be started with admin rights. Adding an OpenFileDialog to my WPF host works, but drag & drop would be so much more comfortable.
When I run my application without admin rights drag & drop works, but my application cannot execute the command prompt due to lack of rights.
How can I implement drag & drop for adding my files and afterwards execute a command prompt with admin rights where I need these files as parameters?
Talk1:
Why you decide what application starting elevated process must have administrators rights?
Talk2:
I want to execute C:\Windows\System32\wevtutil.exe to install a bunch of ETW manifests. wevtutil.exe requires admin rights to do so.
Talk3:
I think your problem can't be solved by code. This is a Windows Security behavior. But i'm still curious about this question. superuser.com/questions/59051/…
Talk4:
, ok, wevtutil.exe needs administrator rights and you do it right with Verb = "runAs". Where you want drag&drop files? Into wevtutil.exe or into the application which runs wevtutil.exe? The application doesn't have to have admin rights.
Solutions1
First, if you need to run just one operation which requires admin rights - that does not mean your whole application should run with admin rights. You need to evelate only for this particular operation. Easiest way to do this is setting UseShellExecute = true when starting your process - then Windows will show usual UAC prompt to user, so that he can confirm evelation. You can describe situation to user before that (in some dialog), or you can put usual UAC icon on button that performs that action (that shield icon).
If that is not an option for you (for example you need redirected output) - you can run another copy of your own application with certain arguments with admin rights (exactly as described above, but not wevtutil, but your own application). This evelated copy will only run wevtutil and exit, doing nothing more.