Solved

How to elevate rights programmatically for the application in Windows 7

Posted on 2010-08-18
6
3,908 Views
Last Modified: 2012-05-11
Hi,

Our C++ application (native, unmanaged code) checks whether some essential DLLs are registered.  If not, it tries to register them.  In other words, the automatic registration must be done when the application is executed for the first time.  Second and next times this is not to be repeated.

The application is installed by copying to certain directory (no installer yet).

The situation is complicated on Windows Vista or Windows 7 because even the administrator must explicitly elevate the rights.  Currently, he or she can do it during launching the application via right-click on the app icon and choosing the "Run as administrator".  However, it is not convenient and we have to explain it again and again to the users who install the application.

My question is: Can the application elevate the right automatically when it decides so?  I understand that it should not be done silently -- the UAC warning is OK in this case, no problem.

Thanks,
    Petr
0
Comment
Question by:pepr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 2

Accepted Solution

by:
jayaram13 earned 200 total points
ID: 33463773
0
 
LVL 6

Assisted Solution

by:ChristianWimmer
ChristianWimmer earned 200 total points
ID: 33463775
Easy.

1. User runs your app.
2. Test whether your app is running as admin,
 a. if yes, register your dlls and go to 4.
 b. if not continue to 3.
3. Call ShellExecuteEx with parameter verb = runas and call you app a second time with some parameter that says register dlls or similar. Your first process must wait (WaitForSingleObject) on the process handle returned by ShellExecuteEx.
Check the return value of ShellExecuteEx (also see msdn docs) and also if your DLL registration was successfull, then proceed with 4.
4. continue to run

This also works on XP btw. In this way you'll get a logon dialog where an admin can input his credentials.
0
 
LVL 9

Assisted Solution

by:Subrat (C++ windows/Linux)
Subrat (C++ windows/Linux) earned 100 total points
ID: 33471336
Take look at ImpersonateLoggedOnUser() in MSDN

U also can use a manifest file to do the same.
0
Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

 
LVL 29

Author Comment

by:pepr
ID: 33482296
Thanks for your suggestions.  To clarify the things, the application should be installed and first-time executed by a local administrator.  This way, the impersonation does not seem to be neccessary.  Only the elevation of the existing rights is the goal.

If I understand it well, the elevation can be done only when the process starts.  No way to elevate the rigts temporarily for the running process.  This way it seems that to do the registration of DLLs or other actions that require elevated righs, the separate, helper application could be created for the purpose.  The helper application would be executed (with elevated rights) from inside the main application and it will wait until the helper quits.  After that, it can continue.

Is it reasonable?  
0
 
LVL 6

Assisted Solution

by:ChristianWimmer
ChristianWimmer earned 200 total points
ID: 33482818
Yes, this is the suggested way by MS.

Elevation means to run a new process using a different token with admin rights. Setting this token while running is only possible with a process that runs with admin rights (e.g. service) or calls LogonUser.

BTW: A process cannot be "inside" another one. Instead a process can be a child process.
0
 
LVL 29

Author Closing Comment

by:pepr
ID: 33482888
Thanks all for the help. ;)
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
There are many software programs on offer that will claim to magically speed up your computer. The best advice I can give you is to avoid them like the plague, because they will often cause far more problems than they solve. Try some of these "do it…
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question