How to start the program automatically as an administrator when starting Windows?

You need to connect it to the task scheduler so that it starts after a user logs in using a user account that has administrative access to the system with the highest privileges granted to the processes launched by this account.

This is an implementation that is used to automatically start processes with administrator rights when logging in as a regular user.

I used it to run the OpenVPN GUI helper process, which requires elevated privileges to work properly and therefore will not start properly from the registry key.

At the command line, you can create a task from the XML description of what you want to accomplish; therefore, for example, we have this exported from my system that would launch the notepad with the highest privileges when logging in:

 <?xml version="1.0" encoding="UTF-16"?> <Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task"> <RegistrationInfo> <Date>2015-01-27T18:30:34</Date> <Author>Pete</Author> </RegistrationInfo> <Triggers> <LogonTrigger> <StartBoundary>2015-01-27T18:30:00</StartBoundary> <Enabled>true</Enabled> </LogonTrigger> </Triggers> <Principals> <Principal id="Author"> <UserId>CHUMBAWUMBA\Pete</UserId> <LogonType>InteractiveToken</LogonType> <RunLevel>HighestAvailable</RunLevel> </Principal> </Principals> <Settings> <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy> <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries> <StopIfGoingOnBatteries>false</StopIfGoingOnBatteries> <AllowHardTerminate>true</AllowHardTerminate> <StartWhenAvailable>false</StartWhenAvailable> <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable> <IdleSettings> <StopOnIdleEnd>true</StopOnIdleEnd> <RestartOnIdle>false</RestartOnIdle> </IdleSettings> <AllowStartOnDemand>true</AllowStartOnDemand> <Enabled>true</Enabled> <Hidden>false</Hidden> <RunOnlyIfIdle>false</RunOnlyIfIdle> <WakeToRun>false</WakeToRun> <ExecutionTimeLimit>PT0S</ExecutionTimeLimit> <Priority>7</Priority> </Settings> <Actions Context="Author"> <Exec> <Command>"c:\windows\system32\notepad.exe"</Command> </Exec> </Actions> </Task> 

and it is registered on the admin command line using:

 schtasks /create /tn "start notepad on login" /xml startnotepad.xml 

this answer really needs to be ported to one of the other stackexchange sites, as it is not actually a programming issue per se.

Configuring the compatibility of your application with the administrator (Run theprogram as an administrator) .

Connect it to task scheduler , then turn off UAC .

I think that using the task scheduler to autostart programs is not very convenient, and sometimes it has side effects for me (for example, the tray icon for the program is not added).

To fix this, I created a program called "Increased Launch", which is first overwritten with administrator rights, then runs all the files in the directory. Since Elevated Startup is now upgraded, all running programs also gain administrative privileges. The directory is located in the Start menu next to the classic Startup directory and works very accurately.

You may encounter one UAC dialog box when the program restarts, depending on the UAC settings.

You can get the program here: https://stefansundin.imtqy.com/elevatedstartup/

The program I wrote, farmComm, can solve this problem. I released it as open and public.

If this does not meet your criteria, you can easily change it to do so.

farmComm:

• It starts at boot under a service, which continues when users log in or log out.
  • In session 0
  • Under the user "NT AUTHORITY \ SYSTEM."
• spawns arbitrary processes (you choose);
  • Also in session 0
  • Invisible or without displaying user interface / GUI
  • Access to graphic equipment (for example, graphic processors).
  • Responds to an active session, even if it is changing, including Secure Desktop. Here's how it is:
  • Initializes processes only after the user has been idle for 8.5 minutes.
  • Fails when user wakes up from standby

Source scripts are available here:

https://github.com/r-alex-hall/farmComm

You must also consider the security implications for starting a process as an administrator or service user. If any input is not checked correctly, for example, if it listens on the network interface. If the parser for this input does not validate, it can be abused and possibly lead to an exploit that can run code as an elevated user. in the abatishchev example, this should not be a big problem, but if it needs to be deployed in a corporate environment, perform a security assessment prior to the large-scale deployment.

You can do this by setting the task while working as an administrator using the TaskSchedler library . I am assuming that .NET / C # is a suitable platform / language, given your related issues.

This library gives you detailed access to the Task Scheduler API, so you can adjust parameters that you cannot set on the command line by calling schtasks , for example, startup priority. As an application for parental control, you want it to have a startup priority of 0 (maximum), which schtasks will create a default priority of 7.

Below is an example of code for setting a correctly configured launch task to launch the required application as an administrator for an indefinite period of time at the entrance to the system. This code will set the task for the process itself from which it runs.

 /* Copyright © 2017 Jesse Nicholson This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /// <summary> /// Used for synchronization when creating run at startup task. /// </summary> private ReaderWriterLockSlim m_runAtStartupLock = new ReaderWriterLockSlim(); public void EnsureStarupTaskExists() { try { m_runAtStartupLock.EnterWriteLock(); using(var ts = new Microsoft.Win32.TaskScheduler.TaskService()) { // Start off by deleting existing tasks always. Ensure we have a clean/current install of the task. ts.RootFolder.DeleteTask(Process.GetCurrentProcess().ProcessName, false); // Create a new task definition and assign properties using(var td = ts.NewTask()) { td.Principal.RunLevel = Microsoft.Win32.TaskScheduler.TaskRunLevel.Highest; // This is not normally necessary. RealTime is the highest priority that // there is. td.Settings.Priority = ProcessPriorityClass.RealTime; td.Settings.DisallowStartIfOnBatteries = false; td.Settings.StopIfGoingOnBatteries = false; td.Settings.WakeToRun = false; td.Settings.AllowDemandStart = false; td.Settings.IdleSettings.RestartOnIdle = false; td.Settings.IdleSettings.StopOnIdleEnd = false; td.Settings.RestartCount = 0; td.Settings.AllowHardTerminate = false; td.Settings.Hidden = true; td.Settings.Volatile = false; td.Settings.Enabled = true; td.Settings.Compatibility = Microsoft.Win32.TaskScheduler.TaskCompatibility.V2; td.Settings.ExecutionTimeLimit = TimeSpan.Zero; td.RegistrationInfo.Description = "Runs the content filter at startup."; // Create a trigger that will fire the task at this time every other day var logonTrigger = new Microsoft.Win32.TaskScheduler.LogonTrigger(); logonTrigger.Enabled = true; logonTrigger.Repetition.StopAtDurationEnd = false; logonTrigger.ExecutionTimeLimit = TimeSpan.Zero; td.Triggers.Add(logonTrigger); // Create an action that will launch Notepad whenever the trigger fires td.Actions.Add(new Microsoft.Win32.TaskScheduler.ExecAction(Process.GetCurrentProcess().MainModule.FileName, "/StartMinimized", null)); // Register the task in the root folder ts.RootFolder.RegisterTaskDefinition(Process.GetCurrentProcess().ProcessName, td); } } } finally { m_runAtStartupLock.ExitWriteLock(); } }