UAC Application Manifest when you don't know runtime application name - uac

I have a program that works fine if UAC is turned off. I want to be able to use a manifest to have it simply request elevation privileges when it launches.
The instructions from MS say "The application manifest file should have the same name as the target executable file with a .manifest extension" and that's probably why I am not having any success.
http://msdn.microsoft.com/en-us/library/bb756929.aspx
My program is built as "one.exe" and then {SmartAssembly} renames it to "two.exe" and then the users are encouraged to rename it again. I can't tell if that matters or which executable name to use.
Does anyone know if what I want is even possible? If not, is there a way to have the app tell the user that the problem us UAC related?
Thanks in advance.

Embed the manifest as a resource inside your .exe

Related

Calling an application with elevated Privileges from a normal privileged account from normal application causing issue when placed in Program Files

I have a program that needs to run with normal privileges. To prevent piracy, at the launch of our application we launch a License Manager application that needs to run with Elevated Privileges. Upon enquiring with our vendors, the License Manager seems to have this elevated privileges added in its app.manifest file which is necessary to read some kind of Disk ID information, so it is mandatory (we cannot reduce its privilege requirements).
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
The application successfully launches the License Manager if it is placed in a normal folder. However when it is placed in Program Files folder, it seems to close at launch with no intimation.
We also checked running the application with normal credentials without adding the License Manager (it works fine).
Do we need some sort of settings to be changed either in registry or in some other windows settings to enable launching elevated privileged application from normal account. Or perhaps some code snippet needs to be added at the code launch section which can enable this scenario.
We have even tried pasting the folder created in Program Files to the Desktop (it also runs fine).
OS: Windows 7
Please let me know if any additional information is needed form my side. Any help in this direction is appreciated.
My Humble appologies for assuming problem with Program Files Directory.
It turned out that the logs written by the License Manager were being written in the current application execution folder. The problem was caused by trying to write the log to Program Files folder when the appliction did not have the permissions to write a text file to this folder.
The logging logic was shared between the License Manager (from the program we called a function that was defined in the License Manager, which was writing logs) and the application running from the Program Files folder.
We changed the log creation folder to AppData folder. This has caused the applicaiton to launch successfully.
Cause Conclusion:
Writing log file in Program Files folder from an application that did not have admin privilege.
Note: I have added this post and this answer purely to help other like me, in case they dont have a solution in this type of scenario.

alternative to admin rights - fopen doesn't create C:\temp.txt in windows

In my current project I like to use fopen or fopen_s to create a file via "w" option.
Using a QT GUI the user may choose any file name which is basically the return string of a file dialog - similar to what is known to windows dialogs.
QFileDialog::getSaveFileName(this,"Save as...","","all files (*.*)");
However, depending on the file name it gets created or not.
So for instance I can write files in my build directory 'C:/SVN/builds/GUI/temp.txt'
And I can create files on the windows desktop 'C:/Users/XXX/Desktop/temp.txt'
I can even create files in other build dirs 'C:/SVN/builds/foo/bin/Release/temp.txt'
But fopen doesn't let me create 'C:/temp.txt' and returns "access denied" (errorno 13)
my issue can be solved like described here: https://stackoverflow.com/a/4735652/2220850
but this effectively requires the user to have admin rights for my silly little tool to run properly.
so isn't there another way to get permissions to write the file the user selected from within the GUI?
Or is there at least for the user and me a way to know where on the disks our tool may or may not create files?
cheers
I don't think you can solve this in a clean way. There are folders that are forbidden to non-admin users. That's the way it is (without tweaking to OS settings).
Displaying your users a sensible error message like "Access denied (you may need admin rights to write to this directory, select a directory you may write to)" is probably the best way.
Read/write stuff where the shell/OS tells you you can/should do. Call the shell API to find out the correct path for Windows OS:
SHGetFolderPath()
SHGetKnownFolderPath()

How to write files in C:\Windows\System32 with full permissions

Iam working on POS software using winforms. Iam trying to programmatically writing XML file (which contain some encrypted information about software serial number) to C:\Windows\System32 directory. But when i write i get an error Access denied.
Can anyone please explain how can i write this file with full permissions in this directory in windows 7 as well as in windows XP???
Any other suggestion or better way to do this will also be welcome.
Thanks in advance.
You'll need to be an administrator on the machine to write to the Windows directory. In addition, on Vista and later, your process will need to be "elevated" (otherwise known as Run As Administrator). You can configure this on your application's property sheet, as discussed here, or with a bit more work, do it programmatically.
It's bad practice to write to that directory, though, notwithstanding all the (misguided) software that does that. Save your files somewhere else. %appdata% or %localappdata% (directories specifically meant for application data) are good choices.

log4net writing to file. How to open up permissions

I was happily using log4net with my WPF program on an XP machine and happily using a fileAppender FileAppender to write log messages to c:\log.txt. All was well. However, it does not work on a Windows 7 machine. No error or anything, just that the file isn't created, much less logged to. A little research reveals that it's a file permissions problem (UAC) with Windows 7, and in fact it works if I run the executable as administrator. It doesn't work if I just click on it (even though I'm logged on as administrator) and it doesn't work when I launch from Visual Studio.
Questions:
1. Can someone point me to an example where I ask for permission to write to one and only one file (C:\log.txt). I've seen some examples of where the app.config is configured to ask that the whole program is run with admin privileges. This seems like overkill but I guess it would work.
2. Is there as better way to send the information to a log file? After all, perhaps C: does not exist on user machine. I think I recall the idea of a "user partition" in Windows 7, but whatever I do has to work on XP and Vista.
Thanks a ton,
Dave
You should not be trying to write directly to the root folder. Under windows 7, you will either have to run as administrator or disable UAC for that to work and neither are recommended.
Instead you can write to a folder in the 'application data' area
If you are using a .config file to configure log, you can use something like
<file value="${ALLUSERSPROFILE}\CompanyName\ProductName\Log.txt" />
or
<file value="${APPDATA}\CompanyName\ProductName\Log.txt" />
depending on whether you want the log files to be specific to a user or not.
(Obviously you replace CompanyName and ProductName with your own details).
This should work on Xp/Vista/W7.
You have 3 options in my eyes:
like mentioned always run your app as admin altough thats not a brilliant solution
Use the local path of the executing app to store your log - I always prefer this method as I always know where my logs are ( AppDomain.CurrentDomain.BaseDirectory will help you)
Use "My Documents" or some similar special folders - a quick google gives us: special folders
I hope this helps.

write file in network shared folder with UnauthorizedAccessException?

hi the win mobile 6 code tries to write files on network shared folder, but always gets UnauthorizedAccessException. I have checked permission and security setting on the folder and the code can read the file but just cant write to it. The code runs under administrator account which has full control over the folder and files. It is in vs 2008 professional with device emulator.Any help please? thanks very much.
You've verified that you can write the file outside of your program, correct? i.e. logged into a machine account and tried placing that specific file there.
Do you have access to the system that hosts the file? If so, you can check it's access logs to verify which account your app is using.
My guess would be that either your app isn't using the account you think it is, or that the admin account may doesn't actually have write access to that folder or file.

Resources