C# - Running a new process as a user with blank password

I have a child proc开发者_JS百科ess I spawn from my main application that needs to be run as another local user on a Windows 7 machine. I would prefer to not set a password on that user account, but it seems that creating a new process with impersonation does not allow for blank passwords or any type of null values. Anyone know if this is possible?

below was my attempt with passing a blank char:

ProcessStartInfo info = new ProcessStartInfo(@"C:\PathToExecutable");
System.Security.SecureString psswd = new System.Security.SecureString();
psswd.AppendChar('\0');
psswd.MakeReadOnly();

info.UseShellExecute = false;
info.UserName = "NewProcessName";
info.Password = psswd;
info.Domain = "LocalMachine";

Process newProc = new Process();
newProc.StartInfo = info;

newProc.Start();

edit: The error message I recieve

Logon failure: user account restriction. Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy restriction has been enforced

For to do this you have to disable a security policy

1. Go to Control Panel → Administrative Tools → Local Security Policy.
2. Browse the Security Settings → Local Policies → Security Options... Look for "Accounts: Limit local account use of blank password to console logon only".
3. Select Disabled and APPLY

there is other solution here: https://sites.google.com/site/sqlestream/windows-issue/10-cannot-access-the-shared-folder-due-to-blank-password-not-allowed

ProcessStartInfo procStartInfo = new ProcessStartInfo("File Name", "Argument(Optional)")
{
      UserName = "UserName",
      RedirectStandardError = true,
      RedirectStandardOutput = true,
      UseShellExecute = false,
      CreateNoWindow = true
};
using (Process proc = new Process())
{
       proc.StartInfo = procStartInfo;
       proc.Start();
}

and then you will be able to execute a process without declaring an user password

What are you using to impersonate? LogonUser() should allow a blank password.

I don't think calling psswd.AppendChar('\0') is the right way to specify a blank password. Try removing the SecureString from your code to see if you can at least make the impersonation work. Then add the SecureString back in to see if your problem lies there.

* Edit *

Try this:

unsafe {
    char* ary = stackalloc char[0];
    SecureString str = new SecureString(ary, 0);
}

set info.Password to your new SecureString... not sure if you'll have to do that within the unsafe context or not.

As this question points out, set LoadUserProfile to true in StartInfo. Try that out, it might help.

This is apparently a known issue that LogonUser() fails with a blank password. I set a generic password for required user accounts in my use case.