Run as Administrator vs. Administrator group


Problem description

I have a C# app that needs to allow the user to change the Computer Name. This is a pretty privileged operation. I can only get it to work if the user runs the app as Administrator (Windows 7, right-click on executable, "Run as Administrator"). Fine, but the user IS an administrator, so why would they need to Run AS an Administrator? I've tried this several times. It always fails if the user--an administrator--tries to do it running the application normally. It always works if they run it as "Run as Administrator".

If the answer is, "It just works that way, you have to run as admin even if you are an admin," my question is how can I detect if they are running with super-duper admin privileges? I found this, but it just checks to see if the user is part of the Administrator user group which, I already pointed out, isn't sufficient (and throws a null pointer exception).

Am I missing something here? Do I need to approach it from another angle?

Recommended answer

It's because of User Account Control (UAC). Introduced in Vista, this changes the way administrator user accounts operate.

When a user from the administrator group logs on, the user is allocated two tokens: a token with all privileges, and a token with reduced privileges. When that user creates a new process, the process is by default handed the reduced privilege token. So, although the user has administrator rights, she does not exercise them by default. This is a "Good Thing"™.

To exercise those rights the user must start the process with elevated rights. For example, by using the "Run as administrator" verb. When she does this, the full token is handed to the new process and the full range of rights can be exercised.

You almost certainly don't want to be detecting whether or not your process is running elevated. Best practice is to mark those parts of your program that require elevation and force the system to show UAC elevation dialogs when those parts of the program execute.

The bind is that elevation can only happen at process start. So if you need to split your app into parts that require elevation, and parts that don't, there need to be multiple processes. Whilst you could mark your entire app as requiring elevation, you should not do so if the only thing that needs elevation is the very rare scenario where the computer name is to be changed.

Your next step is to bone up on the details over at MSDN. For example:

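The split-token behaviour and the "separate elevated process" design described in the answer, as an added C# example that is not part of the original question or answer. The `--rename-computer` switch, the `NEW-NAME` value and the name-validation pattern are assumptions made for illustration, and the actual rename call is left as a placeholder.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Security.Principal;
using System.Text.RegularExpressions;

static class ElevationExample
{
    const string RenameSwitch = "--rename-computer"; // hypothetical switch
    const int ErrorCancelled = 1223;                 // ERROR_CANCELLED: UAC prompt declined

    // False under the filtered token: the Administrators SID is deny-only there,
    // even though the account is a member of the group.
    static bool IsElevated()
    {
        using (WindowsIdentity id = WindowsIdentity.GetCurrent())
            return new WindowsPrincipal(id).IsInRole(WindowsBuiltInRole.Administrator);
    }

    // Relaunches this executable with the "runas" verb so the shell shows the UAC dialog.
    static bool RunElevated(string arguments)
    {
        var psi = new ProcessStartInfo
        {
            FileName = Process.GetCurrentProcess().MainModule.FileName,
            Arguments = arguments,
            UseShellExecute = true, // verbs are only honoured through ShellExecute
            Verb = "runas"
        };
        try
        {
            using (Process p = Process.Start(psi)) { p.WaitForExit(); return p.ExitCode == 0; }
        }
        // User clicked "No" on the prompt: stay unelevated and report failure.
        catch (Win32Exception ex) when (ex.NativeErrorCode == ErrorCancelled) { return false; }
    }

    static int Main(string[] args)
    {
        if (args.Length == 2 && args[0] == RenameSwitch)
        {
            // Elevated helper: re-check the token and validate the untrusted argument.
            if (!IsElevated() || !Regex.IsMatch(args[1], @"^[A-Za-z0-9-]{1,15}$")) return 1;
            Console.WriteLine("Would rename computer to " + args[1]); // placeholder for the real rename
            return 0;
        }
        Console.WriteLine("Elevated: " + IsElevated());
        return RunElevated(RenameSwitch + " NEW-NAME") ? 0 : 1; // NEW-NAME is a constructed value
    }
}
```

Started normally by a member of the Administrators group with UAC enabled, the first run prints `Elevated: False` and the UAC prompt appears only when the privileged path is requested.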