I'm trying to register a task for a local user who does not
have administrator rights to his/her machine. The task registration code below is wrapped as part of a console application and the application is made to Run As administrator
When the Administrator credentials are passed in during the Run As procedure, the task gets registered under the Admin's account rather than the local user's.
I would want the task to be registered under the user's account and also, this being a domain user, I cannot ask for his/her credentials. If the console application is simply double-clicked by the local user, I get the
Access is Denied
error. Although, task registration works fine when the local user is added to the Administrator group. But this is again not a feasible solution while the program gets deployed.
Below is the code that I'm currently running as Admin to register the task for a local user.
Could someone guide me as to what's the right way to register the said task under these circumstances?
//This task was never installed. So install.
TaskDefinition td = ts.NewTask();
td.RegistrationInfo.Description = "MFT Console Application";
// Run Task whether user logged on or not
td.Principal.LogonType = TaskLogonType.S4U;
// Run as Administrator
td.Principal.RunLevel = TaskRunLevel.Highest;
td.Principal.UserId = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
TimeTrigger trigger = new TimeTrigger();
trigger.StartBoundary = DateTime.Now;
trigger.Repetition.Interval = TimeSpan.FromMinutes(30);
td.Actions.Add(new ExecAction(System.Reflection.Assembly.GetExecutingAssembly().Location, null, null));
TaskService.Instance.RootFolder.RegisterTaskDefinition("MFT Console Application", td);