Reputation: 3961
C# - Running a new process as a user with blank password
I have a child process I spawn from my main application that needs to be run as another local user on a Windows 7 machine. I would prefer to not set a password on that user account, but it seems that creating a new process with impersonation does not allow for blank passwords or any type of null values. Anyone know if this is possible?
below was my attempt with passing a blank char:
ProcessStartInfo info = new ProcessStartInfo(@"C:\PathToExecutable");
System.Security.SecureString psswd = new System.Security.SecureString();
psswd.AppendChar('\0');
psswd.MakeReadOnly();
info.UseShellExecute = false;
info.UserName = "NewProcessName";
info.Password = psswd;
info.Domain = "LocalMachine";
Process newProc = new Process();
newProc.StartInfo = info;
newProc.Start();
edit: The error message I recieve
Logon failure: user account restriction. Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy restriction has been enforced
Upvotes: 0
Views: 4353
Answers (4)
Reputation: 160
For to do this you have to disable a security policy
- Go to Control Panel → Administrative Tools → Local Security Policy.
- Browse the Security Settings → Local Policies → Security Options... Look for "Accounts: Limit local account use of blank password to console logon only".
- Select Disabled and APPLY
there is other solution here: https://sites.google.com/site/sqlestream/windows-issue/10-cannot-access-the-shared-folder-due-to-blank-password-not-allowed
ProcessStartInfo procStartInfo = new ProcessStartInfo("File Name", "Argument(Optional)")
{
UserName = "UserName",
RedirectStandardError = true,
RedirectStandardOutput = true,
UseShellExecute = false,
CreateNoWindow = true
};
using (Process proc = new Process())
{
proc.StartInfo = procStartInfo;
proc.Start();
}
and then you will be able to execute a process without declaring an user password
Upvotes: 2
Reputation: 3961
This is apparently a known issue that LogonUser() fails with a blank password. I set a generic password for required user accounts in my use case.
Upvotes: -1
Reputation: 6353
What are you using to impersonate? LogonUser() should allow a blank password.
I don't think calling psswd.AppendChar('\0') is the right way to specify a blank password. Try removing the SecureString from your code to see if you can at least make the impersonation work. Then add the SecureString back in to see if your problem lies there.
* Edit *
Try this:
unsafe {
char* ary = stackalloc char[0];
SecureString str = new SecureString(ary, 0);
}
set info.Password to your new SecureString... not sure if you'll have to do that within the unsafe context or not.
Upvotes: 1
Reputation:
As this question points out, set LoadUserProfile to true in StartInfo. Try that out, it might help.
Upvotes: 0
Related Questions
- Start a .Net Process as a Different User
- How to create a process as a another user without a password in C#?
- Starting a process with a user name and password
- Calling Process.Start with invalid credentials
- C# process start impersonation error
- Impersonating in .net (C#) & opening a file via Process.start
- Process.Start() throws "Access Denied" after Impersonation
- c# impersonation problem
- Starting a process in C# with username & password throws "Access is Denied" exception
- Starting a process as a user account