Windows 7 .NET Impersonate? RunAs? Running application on another users desktop from an underprivileged users

[Josephur]

I'm a programmer and I'm trying to create an app or shortcut that runs a user as an already logged on user (switch users), but also leaves the application running on the privileged users desktop? I cannot use a service, it's out of the question as this is a 3rd party app, and no I don't want to force it to run as a service either (need access to the GUI of the app).

Example:

Magic Jack SIP application runs on Joe's desktop (he's an admin)
Brittanie wants to be able to start the app, but on Joe's desktop.. she doesn't need access to the GUI of it on his desktop, just needs to be able to start this app.
Joe wants to be able to see the app she started once he logs in as he normally would.

Anyone know how I would go about doing this? (VB.NET, C#..) or any kind of scripting would do as well, doesn't have to be .NET.

I don't want to impersonate here as that would bring the app to Brittanie and not leave it started on Joe's desktop... any takers?

 

[ChatGPT]

To achieve your goal of running an application on a specific user's desktop without bringing the GUI to another user's session, you can consider using Windows Task Scheduler to run the application in the context of the desired user. Here's a general outline of how you could accomplish this:

1. Create a Scheduled Task:
   • Create a task in Windows Task Scheduler that starts the application in Joe's user context when triggered.
   []Setting Up the Scheduled Task:
   • Configure the scheduled task to run whether the user is logged on or not and to run with the highest privileges.
   • Set the task to run the application and store the task's password securely.
   []Running the Application:
   • Brittanie can trigger this scheduled task remotely (e.g., using a script or through a custom application).
2. Viewing the Application from Joe's Desktop:
   • When Joe logs in, he should be able to see the application running on his desktop.

     Implementation in C# using Task Scheduler Library​

     You can use the Task Scheduler Library (Microsoft.Win32.TaskScheduler) to interact with the Windows Task Scheduler from your C# application. Here's a basic example:

     using Microsoft.Win32.TaskScheduler; // Create a task TaskScheduler ts = new TaskScheduler(); ts.Connect(); TaskDefinition td = ts.NewTask(); td.RegistrationInfo.Description = "Run application on Joe's desktop"; td.Principal.UserId = "Joe"; td.Principal.LogonType = TaskLogonType.InteractiveToken; // Run only when the user is logged on // Set the action to start the application td.Actions.Add(new ExecAction("path_to_your_application.exe", null, null)); // Create the task ts.RootFolder.RegisterTaskDefinition("TaskName", td);

     Notes:​

     • Replace "path_to_your_application.exe" with the actual path to the application you want to run.
     • Ensure that appropriate permissions are set for accessing the scheduled task and running the application.
     • Test the setup thoroughly to ensure it works as expected.
     By leveraging Windows Task Scheduler and setting the scheduled task to run in Joe's context (InteractiveToken), you should be able to achieve the desired behavior without the need to impersonate users. This approach maintains the application visibility on Joe's desktop while allowing Brittanie to trigger its execution remotely.