I have the need for my application to start and stop Windows Services based on certain events. The thing is that this application needs to run as an elevated normal user (In order to stop services), as well as auto start when Windows starts. Additionally, it need to be in the systray with an user interface.
What are my options here?
I suppose that there are at least two possibillities:
- To make the application auto start by putting it in the Startup folder or in the ..\Run key in the registry. But the question is, can this be done without the UAC prompt dialog pops up every time Windows starts?
- Develop a Windows Service that is installed to run as system, with a separate GUI app in the sys tray. But what are the IPC prossibilities I have here in order to communicate between the elevated service and the normal sys tray app?
Any thoughts and recommendations?
Definitely go with option 2 and specifically use WCF (Windows Communication Foundation) to communicate with the Windows Service using wsHTTPS binding so that you can authenticate that the logged in user is allowed to perform the actions on the WCF Service hosted by the Windows Service.
Actually with number 1 you can chain a couple processes together to achieve an elevated process without a UAC dialog. Like this
First Process-> Launch as Administrator (will need a way to supply credentials) -> launch another process using ShellExecute and supplying the Runas verb. -> Your final process
For number 1, in order to run your application with administrator permissions, then it is impossible to run it without the UAC dialog poping up, or you having the administrator password
For number 2, this is an interesting topic, there is a good article here, with examples & source codes: http://www.codeproject.com/KB/threads/process_communication.aspx the topic is .net remoting. im sure that is the best way to communicate between the different apps.
You can use the Scheduled Tasks facility to accomplish what you want. For scheduling there is an option to schedule a program to run whenever a user logs on. There are options for running the task with alternate credentials.
I couldn't tell you how to set this up programatically (there's probably a WMI interface for it) but it's easy to do through the UI.