Home/ Questions/Q 9093199
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-16T23:02:00+00:00

I’m writing a small C# (.NET 4) application that will run as a replacement

  • 0

I’m writing a small C# (.NET 4) application that will run as a replacement for the user’s “Shell” when logging in to Windows Server 2012. Amongst other things, I’d like to offer the user the chance to change the password of their own local account.

Using the following code ..

 DirectoryEntry directory = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
 DirectoryEntry userEntry = directory.Children.Find(username);
 userEntry.Invoke("SetPassword", new object[] { newPassword });

 userEntry.CommitChanges();

… works fine if the code is launched from an elevated command prompt. However, as the Shell replacement runs as a “normal” application, I get an

Access is denied

exception when the code runs, even if the user is set as a local administrator.

Is there any code or mechanisms I can use to programatically set the users own local account passwords without having to elevate? Or (and I’m aware this is maybe more a ServerFault question:) any way to run the “replacement shell” as an elevated process without having to disable UAC?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Add a Manifest to your Assembly to get past the UAC (User Account Control)

    In VS2010 you can add the manifest file to your project. Right click your project file on the Solution Explorer, select Add, then New item. There you can find Application Manifest File.

    Modify it so that you get one of the following:

    1. Normal
    2. Highest Available (Depanding on the user permissions)
    3. Admin Rights

    There are also 2 tools that came with VS2010 that you can use for that:

    1. MageUI.exe (Manifest Generation and Editing Tool, Graphical Client)
    2. Mage.exe (Manifest Generation and Editing Tool, Command Line)
    • 0