I have a WPF application that is trying to audit registry values. I am able to read the value in HKLM, however, if the value needs to be changed I am hit with a UnauthorizedAccess error. I have an app.manifest file that is requiring the application to run as administrator. I also launch the application as admin.
Here is what I have in this function:
RegistryKey key = Registry.LocalMachine.OpenSubKey(#"SYSTEM\CurrentControlSet\Control\SecureBoot\State");
if (key != null)
{
int value = (int)key.GetValue("UEFISecureBootEnabled");
if (value == 0)
{
key.SetValue("UEFISecureBootEnabled", 1);
}
}
app.manifest file:
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
I am new to C# so I am wading my way through this. I have read up on the topic and everyone seems to say that editing the app.manifest file to require administrator is the way to fix this but it does not work on mine.
I tried launching the app as administrator, editing the app.manifest file to require administrator and still I am getting the UnauthorizedAccess error. Any help would be greatly appreciated.
You need to make sure that the user being used to run the application has administrative access on the machine requiring the registry changes.
Can you try editing the registry value manually by running regedit with the same user account being used to run the application with as a test?
Related
I changed my registry via C# with the following code:
RegistryKey regKey = RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Registry32);
RegistryKey openSubKey = regKey.OpenSubKey(#"SOFTWARE\ASA\Suite", true);
openSubKey?.SetValue("Password", encryptedString, RegistryValueKind.String);
openSubKey?.SetValue("UserName", UserNameTextBox.Text, RegistryValueKind.String);
openSubKey?.SetValue("DomainName", DomainNameTextBox.Text, RegistryValueKind.String);
openSubKey?.Close();
regKey.Close();
These entries did already exist and were only replaced. When I use the same kind of code to read the settings I get the correct settings back, BUT when I open the registry with regedit.exe and search for it manually I find only the old values. In the regedit.exe it is this path: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\ASA\Suite
I already looked into the path without WOW6432Node (and even in the HKCU) but there is no ASA entry at all.Has someone an idea what that could be? Why don't I see the changes I made? I am completly puzzled here...
EDIT: I changed my project from anyCPU to x86 and no change, but as soon as I changed it to x64 the keys read were the ones that regedit.exe shows. But I open the 32bit variant of the registry hive, and when I write something here the question persists... why can't I see the changes made? A x86 app under x64 Windows should automatically write to the WOW6432Node, shouldn't it?
EDIT2: I tested the x86 version on an x86 Windows. I change the registry and can read it, but with regedit I cannot see the changes... wtf is this?
EDIT3: I found the changed keys under HKCR\VirtualStore\MACHINE\SOFTWARE\ASA\Suite I don't know why yet, but I search for an answer and post it here.
May be somebody else is overwriting it ?
May be this can help?
http://www.advancedinstaller.com/user-guide/registry-wow6432-node.html
The Wow6432Node registry entry indicates that you are running a 64-bit Windows version.
The operating system uses this key to display a separate view of HKEY_LOCAL_MACHINE\SOFTWARE for 32-bit applications that run on 64-bit Windows versions. When a 32-bit application writes or reads a value under the HKEY_LOCAL_MACHINE\SOFTWARE\\ subkey, the application reads from the HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\\ subkey.
A registry reflector copies certain values between the 32-bit and 64-bit registry views (mainly for COM registration) and resolves any conflicts using a "last-writer-wins" approach.
Ok, I have the answer. I didn't wanted to use a manifest so I removed it and thus didn't got asked if the app had to be elevated. So, because a normal user (even if the logged in user had admin rights) can't write to the HKLM, it wrote a key to HKCU\VirtualStore... that way my app could also read the keys but in the regedit.exe it was not where it was expected.
To get around this I implemented a manifest and changed the line with the requestedExecutionLevel:
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
Now I don't even have to build an x64 and an x86 version but can use Any CPU instead and let my app do the work (i.e.: to look if to use the RegistryView.Registry32 or RegistryView.Registry64)
I am writing code that calls the IApplicationActivationManager interface to open a windows store app.
I get the error:
"[Name of App] can't run while File Explorer is running with Administrator privileges..."
It is essential that I launch my app as a non administrator. I also don't control the administrator context that the code that calls the .exe I will create uses. So, two questions:
Can I (by changing the project settings or something) debug as a non-administrator?
Can I force my exe to run as a non administrator? (when it's out in the wild)
C4ud3x helpfully points out that this can be added to the app.manifest. This is true, but unfortunately it will still run as administrator if the invoker lets it (it is in fact the default value). It also looks like asInvoker is the lowest value.
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
edit:
fine I accept the only answer to the first question is don't run visual studios as admin. Thanks for all your help with that.
In your project-explorer expand 'properties' and open your 'app.manifest'.
You can add this line there:
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
'AsInvoker' means the application is started with the permission-level from the user whos logged in.
This line should already be auto-generated and commented out in your manifest.
Edit:
Aaah, wait. You need to run as a non-admin while DEBUGGING??? Dont know how the permissions behave in debugging-mode.
I did a lot of searching on this error and was confused when every single thing related to this has to do with AD.
First off let me just say, that my program runs from within VS 2013 with no problems whatsoever, whether it be in debug or release.
However when I run my program after rebuilding my program from the release folder I get an error saying "a referral was returned from the server".
My program doesn't have anything to do with AD.
Is there anything else other than AD that can give me this error? Most of the things I read up on they were giving specific lines that were causing the error during runtime, mine does only when not running in VS.
Sorry if this is a stupid question.
Thank you.
This is probably because you have the UAC enabled and a local group policy called Only elevate executables that are signed and validated also enabled.
Go to the Group Policy Editor > Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options and set User Account Control: Only elevate executables that are signed and validated to Disabled.
I got this error when I changed the requestedPrivileges in the application manifest file. I changed the uiAccess to true on the requestExectionLevel node. Reverting this change solved my problem. Level of the requestedExecutionLevel was set to "highestAvailable".
My solution was to add a post-build event to sign the resulting .exe
Previously only the .dll was being signed
I have an update button within the windows form application.When the user clicks on the update button, the application checks the current version of the application with the version available in the server obtained from the webservice. If there is mismatch among versions,the application will download the new version from the path obtained from the webservice.
I am currently using two projects within the same solution
Main project where the application is running
Update project -Its purpose is used to delete the .exe file and download the new .exe file. (Update project is added as a reference of Main project)
The problem is when i try to delete the mainproject.exe through code in update project,it shows an exception saying "Unauthorized exception caught". Does anyone knows why this is happening?OR Does anyone have a better idea to use update function within the application??
This is the code that i am using for the deleting the file.
Unauthorized Exception in Windows Forms - C#
Edit:-
While i was debugging the application,iam able to delete the .exe file.But when i try to delete the application after installing in the desktop,again iam getting the exception message as "Access is denied".
In you update button, you start another small app as a separate process , in the small app, you can use the following code to kill your process, and then delete the original app.
try
{
Process [] proc Process.GetProcessesByName("YourAppName");
proc[0].Kill();
}
I found the solution why iam getting the "access is denied" exception in my application.
Since iam deleting a file inside the application through code i need to have the privilege of "Administrator".
One way is to make the user login manually as administrator.But that is not a better option.
Another way is to create an App Manifest file within your project and set the level as "administartor."
Creating App Manifest--> Right click on the project->Add new item-->Select App Manifest option from the right pane->Click ok
Open the manifest file and change the level to "requireAdministartor".
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
This will solve the issue while running the application,it will prompt user to run as administrator.
Hope this will be helpful to someone in future. :) Thank you guys for your support.
Is the application running and that's why it is unable to delete the executable? If so, you could rename the running executable and put the new version in its place. The new version will then be executed the next time the application is started.
I develop one window application and I also create one service. I start the service using coding in window application, but I am getting an error like cannot open window service on computer '.'
I have used below code.
ServiceController controller = new ServiceController("SeoMozScheduleService");
if (controller.Status == ServiceControllerStatus.Stopped)
{
controller.Start();
}
If i right click on Application and click on Run as Administrator than it works fine for me...
To make this automatic every time you open the application you have to add a manifest file to your solution, then update the requestedExecutionLevel node inside the file to look like this:
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
However, changing this setting will result in the system prompting you every time to run the application as administrator if UAC is enabled.
Go to
c://Program Files/ApplicationFolder/.exe
Right-click on .exe and go to Properties then go Compatibility Tab and check true to Run this Program as an administrator Level.
if you are using visual studio then close it and re open visual sudio with run it as administrator
None of these solutions helped me, because it would help if I actually had ensured I had Administrator access on the target computer first! I was taking away and giving back Administrator access to my main account using my domain admin account. When I ran some ServiceController code that was checking if a service was running on a remote computer, under the domain admin account, all was fine. When I did it as my main account, that's when it didn't work - even when running Visual Studio as an Administrator. Turns out I had been testing without my main account in the local Admin group... d'oh!
I ran into this with a scheduled task on a server--checking the "Run with highest privileges" solved it. (The service account has to have admin rights of course for this to work.)
Framework version change in the app.conf to the version which is installed on the system fixed the issue for me.
The application probably does not need to require Administrator permission. The Microsoft Management Console (MMC) (that includes the Services snap-in) does not. The manifest for the MMC has:
<requestedExecutionLevel
level="highestAvailable"
uiAccess="false"
/>
It does not have level="requireAdministrator".
See c# - How do I create/edit a Manifest file? - Stack Overflow for instructions for adding a manifest to the project.
There are very many articles about the principle of Least Privilege, including the following.
Least Privilege
What is principle of least privilege (POLP)? - Definition from WhatIs.com
What is the Principle of Least Privilege (POLP)? A Best Practice for Information Security and Compliance \| Digital Guardian
What Is Least Privilege & Why Do You Need It? \| BeyondTrust