
C# Active Directory Login


I've written a program to manage our Active Directory in C# - Windows Forms.

I'm stuck at the following point: For managing the Active Directory and committing changes, you have to run the program as administrator. I want to include a login button to verify as admin and be able to commit changes without starting the .exe directly as admin.

Something like:

group.Properties["member"].Add(distinguishedName);
group.CommitChanges();

If this is not possible, I was thinking it could maybe be possible to restart the program when the user has typed in his credentials and put the admin credentials directly into the username and password field as parameters.

Is that possible? If not, do you have other suggestions?


Solution

  • Your program does not need to run as admin. You just need to connect to Active Directory using credentials that have permissions to update that group. By default, it will use the credentials that the program is running with. So it sounds like whichever credentials you are using to run as admin also have permissions to update that group.

    If it helps you, you can use alternate credentials for connecting to AD by using the constructor for DirectoryEntry that accepts credentials. For example:

    // Requires a reference to System.DirectoryServices (using System.DirectoryServices;)
    using (var group = new DirectoryEntry($"LDAP://{groupDn}", "username", "password"))
    {
        group.Properties["member"].Add(distinguishedName);
        group.CommitChanges();
    }
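
The alternate-credentials bind from the answer above, written out as an added example (not code from the original answer) that takes the credentials from a login dialog at runtime instead of from string literals or command-line parameters. The class, method and parameter names are hypothetical; the bind requests Kerberos/NTLM with signing and sealing so the password is not sent in a simple bind.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;

// Hypothetical helper, not part of the original answer.
public static class GroupMembership
{
    // adminUser/adminPassword are assumed to come from the login form's
    // text boxes; they are never stored or passed on a command line.
    public static bool TryAddMember(string groupDn, string memberDn,
                                    string adminUser, string adminPassword,
                                    out string error)
    {
        error = null;
        // Secure: negotiate Kerberos/NTLM rather than a simple bind.
        // Signing/Sealing: integrity and confidentiality for the LDAP session.
        const AuthenticationTypes auth = AuthenticationTypes.Secure
                                       | AuthenticationTypes.Signing
                                       | AuthenticationTypes.Sealing;
        try
        {
            using (var group = new DirectoryEntry($"LDAP://{groupDn}",
                                                  adminUser, adminPassword, auth))
            {
                // DirectoryEntry binds lazily; reading NativeObject forces the
                // bind so that wrong credentials fail here, before any change.
                _ = group.NativeObject;

                // Exact string match on the DN; skips the write if the value
                // is already present in the member attribute.
                if (group.Properties["member"].Contains(memberDn))
                    return true;

                group.Properties["member"].Add(memberDn);
                group.CommitChanges();
                return true;
            }
        }
        // Logon failure or directory-side rejection (derived type first).
        catch (DirectoryServicesCOMException ex) { error = ex.Message; }
        // The account authenticated but lacks rights on the group object.
        catch (UnauthorizedAccessException ex) { error = ex.Message; }
        // Server unreachable or other ADSI/COM error.
        catch (COMException ex) { error = ex.Message; }
        return false;
    }
}
```

A login button handler would call `TryAddMember` with the text-box values and show `error` when it returns false, so the rest of the program keeps running under the normal user account.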