EDN Admin
Well-known member
Hello,<br/>
<br/>
Let me start with a little background. Im trying to make a program that in windows 8 can display a window above the new start screen(and applications launched from it). So, I went and changed the manifest to include /uiaccess = true, signed the application,
and put it into the Program Files folder to fullfill all the criteria that Ive been able to discover on the topic. The one sticking point Im having is that to get the windows to properly display on top, the program needs to be run as administrator. This
isnt really acceptable for my purposes. The program can be installed with admin rights, but when the normal user launches it, the program needs to be able to run without UAC popping up. (Side note: is there really no way around this administrator thing? I
thought the point of the uiaccess was for accessability applications, does everyone who needs such an application need to be an admin? It seems a little odd to me, but this isnt the main question.)<br/>
<br/>
So, to get around this problem I decided to use a service that I register when the application is installed. I just make a "launcher" app that will call the service, which will in turn call the main program, and since the service has elevated privileges the
program should run as intended. Looking into doing this, I found a codeproject article that seems to be doing exactly what I want to do (although the program was written for Vista at the time):<br/>
http://www.codeproject.com/Articles/18367/Launch-your-application-in-Vista-under-the-local-s<br/>
This seems to work for other people, but Im having trouble.
I got a launcher written, and am able to call the service with no problems. The problem comes when I call:<br/>
bResult = CreateProcessAsUser(<br/>
hUserTokenDup, // clients access token<br/>
_T("C:\Program Files (x86)\application\app.exe"), // file to execute (not the real file name)<br/>
NULL, // command line<br/>
NULL, // pointer to process SECURITY_ATTRIBUTES<br/>
NULL, // pointer to thread SECURITY_ATTRIBUTES<br/>
FALSE, // handles are not inheritable<br/>
dwCreationFlags, // creation flags<br/>
pEnv, // pointer to new environment block<br/>
NULL, // name of current directory<br/>
&si, // pointer to STARTUPINFO structure<br/>
&pi // receives information about new process<br/>
);<br/>
<br/>
The call fails, with the error:<br/>
The requested operation requires elevation.<br/>
<br/>
Which has me confused. I thought the duplication of the security token (as shown in the linked article) would mean that the call was made elevated. In fact, I thought that was the whole point.<br/>
<br/>
Does anyone have any idea what could be wrong with this? Or for that matter if theres an easier way to go about this.<br/>
<br/>
Thank you
-Tony
View the full article
<br/>
Let me start with a little background. Im trying to make a program that in windows 8 can display a window above the new start screen(and applications launched from it). So, I went and changed the manifest to include /uiaccess = true, signed the application,
and put it into the Program Files folder to fullfill all the criteria that Ive been able to discover on the topic. The one sticking point Im having is that to get the windows to properly display on top, the program needs to be run as administrator. This
isnt really acceptable for my purposes. The program can be installed with admin rights, but when the normal user launches it, the program needs to be able to run without UAC popping up. (Side note: is there really no way around this administrator thing? I
thought the point of the uiaccess was for accessability applications, does everyone who needs such an application need to be an admin? It seems a little odd to me, but this isnt the main question.)<br/>
<br/>
So, to get around this problem I decided to use a service that I register when the application is installed. I just make a "launcher" app that will call the service, which will in turn call the main program, and since the service has elevated privileges the
program should run as intended. Looking into doing this, I found a codeproject article that seems to be doing exactly what I want to do (although the program was written for Vista at the time):<br/>
http://www.codeproject.com/Articles/18367/Launch-your-application-in-Vista-under-the-local-s<br/>
This seems to work for other people, but Im having trouble.
I got a launcher written, and am able to call the service with no problems. The problem comes when I call:<br/>
bResult = CreateProcessAsUser(<br/>
hUserTokenDup, // clients access token<br/>
_T("C:\Program Files (x86)\application\app.exe"), // file to execute (not the real file name)<br/>
NULL, // command line<br/>
NULL, // pointer to process SECURITY_ATTRIBUTES<br/>
NULL, // pointer to thread SECURITY_ATTRIBUTES<br/>
FALSE, // handles are not inheritable<br/>
dwCreationFlags, // creation flags<br/>
pEnv, // pointer to new environment block<br/>
NULL, // name of current directory<br/>
&si, // pointer to STARTUPINFO structure<br/>
&pi // receives information about new process<br/>
);<br/>
<br/>
The call fails, with the error:<br/>
The requested operation requires elevation.<br/>
<br/>
Which has me confused. I thought the duplication of the security token (as shown in the linked article) would mean that the call was made elevated. In fact, I thought that was the whole point.<br/>
<br/>
Does anyone have any idea what could be wrong with this? Or for that matter if theres an easier way to go about this.<br/>
<br/>
Thank you
-Tony
View the full article