RexHeadlong
Programmer
Hi,
I've seen similar posts, but as yet no viable solution, so here goes:
I am using C#/.NET V1.1, etc. I have a client.exe which, when started, connects to a service on the same or different machine. For now, let's assume the client and service apps are on the same machine.
I would like to make my client application start the service if the service is not already running.
I'm using a ServiceController to get the state of the service, and I use the Start() method to start it if it is not running. This works fine, as long as the user running client.exe has Admin rights. If the user does not have Admin rights, it fails to start the service. I would like any user to be able to run client.exe and start the service if necessary.
So far, I have been going crazy trying to manually set up Code Groups in the .NET Framework Configuration Management Console snap-in. I created 2 Machine-specific MyComputer code groups, one for the folder containing my client app and one for the folder containing my service app. I granted each code group FullTrust (I verified that it had unrestricted Service Controller permission), but that did not work. I then created a custom permission set that basically amounted to FullTrust, but that did not work.
Can somebody tell me if I am on the right track? Should some combination of Code Group and Permission Set work? Should I be doing something else?
I have seen that there is a ServiceControllerPermission object. Should I be using that somehow?
There is very little documentation on Code Access Security and these other security objects, so any help, hints, or nudges in the right direction would be very appreciated.
Thanks.
I've seen similar posts, but as yet no viable solution, so here goes:
I am using C#/.NET V1.1, etc. I have a client.exe which, when started, connects to a service on the same or different machine. For now, let's assume the client and service apps are on the same machine.
I would like to make my client application start the service if the service is not already running.
I'm using a ServiceController to get the state of the service, and I use the Start() method to start it if it is not running. This works fine, as long as the user running client.exe has Admin rights. If the user does not have Admin rights, it fails to start the service. I would like any user to be able to run client.exe and start the service if necessary.
So far, I have been going crazy trying to manually set up Code Groups in the .NET Framework Configuration Management Console snap-in. I created 2 Machine-specific MyComputer code groups, one for the folder containing my client app and one for the folder containing my service app. I granted each code group FullTrust (I verified that it had unrestricted Service Controller permission), but that did not work. I then created a custom permission set that basically amounted to FullTrust, but that did not work.
Can somebody tell me if I am on the right track? Should some combination of Code Group and Permission Set work? Should I be doing something else?
I have seen that there is a ServiceControllerPermission object. Should I be using that somehow?
There is very little documentation on Code Access Security and these other security objects, so any help, hints, or nudges in the right direction would be very appreciated.
Thanks.
