Delphi and Windows Vista User Account Control

By: Fredrik Haglund

Abstract: User Account Control is one of the major features in Windows Vista that will have a large impact on your Delphi application because everyone will run your applications as Standard User.

Hide image

watch

Format: Flash
Time: 33:18

Download:
Video
Examples
Slides

Watch the presentation I prepared for Oslo Delphi Clubs meeting in December for learning what UAC is and why it will affect you.

I have only extracted a part of the presentation into this article. It is the content on how you fix it in Delphi.

You can also download the video, example application and slides.

You application should work out of the box in Windows Vista if you have followed the guidelines about how to write a well behaving Windows application that has been in the Windows logo program for years.

The only thing that has really changed is that things that earlier where recommendations is now enforced. If you break the rules Vista has some bold compatibility features that probably will make administrating your application a nightmare.

Requested Execution Level in Delphi

Include information about execution level in your executable to turn of the compatibility mode and signal to Vista if this application should run as a standard user or must be an administrator.

First add a resource with a manifest to your application. Make sure to remove all references to XPMan unit from project!!!

Hide image
Click to see full-sized image

The rc file is compiled to a res file and only contains the resource type (24 for Manifests) and the filename of the resource file to be embedded.

Hide image

The Manifest file

First section with dependency information is the same as you include today when the XPMan unit to get the new look and feel of the user interface. This part is needed.

Hide image
Click to see full-sized image

The second section with trust info is new.

  • level=”asInvoker”
    • Start process running with same token as the process creating it.
  • level=”highestAvailable”
    • Ask administrators for consent to elevate but start as standard user if user has no administrative privileges
  • level=”requireAdministrator”
    • Ask administrators for consent to elevate.
    • Standard user will get login dialog for over the shoulder support
    • Will only start with administrative privileges

Windows XP Warning!

Incorrect formatting of Manifest can blue screen Windows XP. Read KB921337.

SHGetFolderPath

Many locations are read only for standard user! Do not open files or registry keys with Write flag.

It is important to use a correct path. A lot has moved around in Vista so no hard coded strings in your application. Save data, log files, etc. in the right location using SHGetFolderPath.

  • CSIDL_PERSONAL { My Documents }
  • CSIDL_APPDATA { Application Data, new for NT4 }
  • CSIDL_LOCAL_APPDATA { non roaming, user\Local Settings\Application Data }
  • CSIDL_COMMON_APPDATA { All Users\Application Data }
  • CSIDL_MYPICTURES { My Pictures, new for Win2K }
  • CSIDL_COMMON_DOCUMENTS { All Users\Documents }

Hide image
Click to see full-sized image

RunAsAdmin

Using ShellExecute to start process running as administrator. The Application.Handle delays elevation if the application is minimized preventing the secure desktop to steel focus for the consent dialog when the user is doing something else. Use Application.Handle (or MainForm.Handle if you have applied other patches that make it the application windows)

If you do not use a handle UAC will always give direct foreground elevation.

Hide image
Click to see full-sized image

Using COM class for Admin tasks

Instead of launching a separate application to perform an admin task it is possible to call a COM object that runs elevated from a process that only run as standard user.

The COM Server must be an EXE and the EXE should have requireAdministrator to install COM objects correctly. You have to add two things to the registration:

  • add value LocalizedString (and resource string in executable)
  • add key Elevation and value Enabled = 1

Creating the elevated COM object

Use a Moniker from the User Process to create an elevated CoClass running in process with admin token. Call it’s methods as usual.

Hide image
Click to see full-sized image

Adding the Shield to your buttons- SetElevationRequiredState

It is very simple to get the Shield icon onto your buttons, links and menu items to indicate that clicking them will require admin rights and that a consent dialog will appear.

Hide image
Click to see full-sized image

See also:


Server Response from: ETNASC04