I have a problem I start an application with admin rights from this application, another application is started at the end. This then inherits the admin rights. But it should start with normal user rights. Does anyone have a solution for the problem or a tip?
The simplest way is to ask Explorer to start it for you:
Process.Start("explorer.exe", """C:\path to\your.exe""")
You can't pass any arguments to the exe - the exe name is already an argument to explorer and I don't believe there is a way to make explorer interpret the rest of what you give as arguments (to explorer) as "arguments that should be passed to the program being started"..
..but you could create a mini program that passes the relevant arguments and explorer start that mini instead.
'this is literally all the mini program does, then quits:
Process.Start("myactualprogram.exe", "some fixed arguments")
And your main elevated program does:
Process.Start("explorer.exe", """C:\path to\miniprogram.exe""")
--
"But what if the arguments aren't always fixed?" I hear you cry.. "How can I make my mini program do Process.Start("myactualprogram.exe", "varying arguments here") when all I can do is launch it by name?"
Well.. You could either make your actual program contact your first program via TCP sockets or something and ask it for info - interprocess communciation.. Or could write a file with the arguments that your actual program can pick up.. Or if the arguments are simple enough you could just rename (or copy) the mini program so it contains the arguments in its name and when it launches it can parse its own name
'myactualprogram.exe is expecting args of: varying arguments here
'the launcher is a winforms app called 'varying arguments here.exe' that has this code
Dim args = Path.GetFilenameWithoutExtension(Application.ExecutablePath)
Process.Start("myactualprogram", args)
Of course, if your program is expecting args like /out=c:\temp\file.txt then you'll have to get a lot more creative with itbecause you can't put / \ : in filenames.. how about base64 encoding the entire arg string, naming the file that, then having your launcher program decode the b64?