Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to run application with Admin privileges using Manifest file in Visual Studio 2005?

I need to create an application which needs to create files/folders in "C:\Program Files","Users[username]" and Sys32. Also the application needs to make some registry entry.

This application needs to work on Vista and higher. Also, on Windows Server 2003 and higher.

The above Operating Systems have the concept of User Account Control (UAC), where to access Program Files and writing in registry requires admin privileges.

I looked into many forums and found that using Microsoft SDK we can check whether the current user have admin privileges or not . But the function "CheckTokenMembership" fails for Vista and higher version of OS.

I also found a solution where manifest file can be used to tell OS in advance that the current application requires admin privileges. This is done using "requestedExecutionLevel" tag.

I am using Visual Studio 2005 to create the application. When we create an application in Visual Studio a default manifest file is created. Can I change this manifest file to include "requestedExecutionLevel" tag, so that my application always runs with admin privileges?

Is there any other method through which my application runs with admin privileges without asking user (admin or standard) to run my application as "run as admin"??

Thanks!

like image 391
Lipika Avatar asked Apr 12 '13 09:04

Lipika


People also ask

How do I run Visual Studio as administrator?

Run Visual Studio as an administratorOpen the Start menu, and scroll to Visual Studio. From the right-click or context menu of Visual Studio 2019 or Visual Studio 2022, select More > Run as administrator. When Visual Studio starts, (Administrator) appears after the product name in the title bar.

What is the use of manifest file in Visual Studio?

In this article A manifest can be an external XML file or a resource embedded inside an application or an assembly. The manifest of an isolated application is used to manage the names and versions of shared side-by-side assemblies the application should bind to at run time.


2 Answers

You should find an option for this in project properties Linker -> Manifest File -> UAC Execution Level. Set this to requireAdminstrator.

This will cause the default generated manifest to include the requestedExecutionlevel that you need, so that your users will be prompted automatically to elevate their privileges if they are not already elevated.

screenshot of visual studio UAC options

like image 87
snowcrash09 Avatar answered Oct 05 '22 12:10

snowcrash09


Acknowledgements and Introduction

This question helped me and I will help back with the knowledge I gained. Thanks to:

  1. Lipika(The person whom asked the question) revealing that admin access was the reason why access to system directories were redirected to virtual directories. It was later clear that lack of admin access cause writing to certain registry keys to fail.

  2. snowcrash09 for revealing the Visual Studio option for enabling require admin access. With further research on MSDN, I got the manifest to not embed into the executable under Properties>Manifest Tool; thus allowing me to read it.

Nayana's link to polynomial's answer is also good. Here I will borrow part of his answer in my demonstration.

Answer

As Lipika have stated, you require admin access, else Windows Vista and up will redirect you to a virtual directory. Which is great. Logically then your app should request admin access. You can let the user do it manually. If not, Windows provides many ways to do this programatically. The easiest way is to declare it in your app's manifest. Here I will dedicate instructions to individuals not using Visual Studio. If you are using Visual Studio, it is as easy as Properties>Linker>Manifest File>UAC Execution Level.

If you are using CodeBlocks for example; create a file called app_resources.rc. With CodeBlocks its very import that this file has the .rc extension, so CodeBlocks knows to compile it with windows resource tool. Copy the following code into this file, and add it to your project.

#include <windows.h>
CREATEPROCESS_MANIFEST_RESOURCE_ID RT_MANIFEST "adminAccess.manifest"

Create a manifest file called adminAccess.manifest. copy the following code to the file. Do not need to add this file to your project as it is reference from your rc file.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
   <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> 
      <assemblyIdentity 
          version="1.0.0.0"
          processorArchitecture="X86"
          name="MyApplication"
          type="win32"/> 

     <description>Description of your application</description> 

     <!-- Identify the application security requirements. -->
     <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
        <security>
           <requestedPrivileges>
              <requestedExecutionLevel 
                   level="requireAdministrator" 
                   uiAccess="false"/>
           </requestedPrivileges>
         </security>
     </trustInfo>
 </assembly>

Now you can compile your app and it will automatically prompt for admin credentials when run. It will return failure if admin access was not granted. On Windows Xp, you won't be prompted for any authentication.

Note that from here you can edit the manifest to add features such as visual styles for Windows widgets and DPI awareness.

If you are not using CodeBlocks. For example you are compiling from the command line. You pretty much have to compile the rc file with the Windows Resource Tool. In MinGw build tools, this is called windres.exe. It will compile a .res file. You then link this resulting file, with all the other files you will be linking at the linker stage.

Note that the rc file is a windows resource file and carries all the resources your app uses such as BITMAPs, ICONs, STRINGs, dialog template. Which will all be stored in the final executable. Which you can then load from the executable using Windows specific functions. This is pretty similar to what Android does.

like image 28
user13947194 Avatar answered Oct 05 '22 12:10

user13947194