Admin permission to run netsh in java

0

In a java program I developed, I need to open a connection on port 21 (ftp), but Windows 7 by default blocks this port. I tried to add a rule in the firewall allowing the connection using Runtime.getRuntime (). Exec ("netsh ..."), but netsh needs admin permission. Is there a way in java to invoke a window requesting permission?

    
asked by anonymous 12.05.2017 / 02:40

1 answer

2

Well, there are a few ways you can do this by what you meant by your question.

1 - Creating a Manifest

You need to create a manifest file that specifies that your application needs administration permissions. You can include this manifest within your exe or leave it separate from your file (yourapp.exe.manifest).

link

link

2- Runes

  

Runes allows a user to run specific tools and programs with different permissions than the current user logon provides.

There is a difference between being connected to an account that is part of the Administrators group and running (a) elevated or (b) as the built-in Administrator account.

Whenever you run as an Administrator, you are always elevated - by definition. Therefore, if you run / user: administrador this window will be raised when it opens, you will not receive a UAC prompt and the netsh command should be run.

But because the built-in Administrator account always runs at high levels and does not generate UAC runp prompts, it is a security risk, especially if you do not have a password. This is why Microsoft disables the administrator account by default and requires you to enable it first:

  

In Windows® 7, the integrated administrator account is disabled by default. In earlier versions of Windows, an administrator account was created automatically during Out-of-Box-Experience (OOBE) with a blank password.

     

An administrator account with a blank password is a security risk. To better protect your system, the built-in Administrator account is disabled by default on all clean installs and Windows 7 updates.

Because of this, you need to enable Admin mode by doing the following:

Altere as propriedades da conta de administrador usando a Console de Gerenciamento Microsoft (MMC) de Usuários e Grupos Locais.

 1 - Abra o console do MMC e selecione Usuários e Grupos Locais.

 2- Clique com o botão direito do mouse na conta Administrador e selecione Propriedades. 

3 - A janela Propriedades do administrador é exibida. 

4 - Na guia Geral, desmarque a caixa de seleção Conta desativada. 

5 - Feche a consola MMC.

Also, be aware that runas does NOT allow you to pass arguments to the run program:

RUNAS : 

RUNAS [ [/noprofile | /profile] [/env] [/savecred | /netonly] ]
 /user:<UserName> program 

RUNAS [ [/noprofile | /profile] [/env] [/savecred] ] 
 /smartcard [/user:<UserName>] program 

RUNAS /trustlevel:<TrustLevel> program 

Simple example

The following command starts an instance of the command prompt as an administrator on the local computer:

runas /user:<localmachinename>\administrator cmd 

link

3 - Batch files

You can use a Windows program to elevate your privileges. The program will display the UAC prompt and then you will have administrator privileges.

link

You can then run for command like this:

Runtime.getRuntime (). Exec ("Elevate.exe yourcommand");

Extra information:

link

link

link

link

  

NOTE: If you have questions regarding the above topics, just ask.

    
21.05.2017 / 04:34