Its about time for us to get ready for Windows 7. and most of us have to develop applications compatible to Windows 7, Vista, and Server 2008. and sometimes we need applications to run with administrative privileges. and that’s not a big deal. but in these new Operating Systems, even an administrator is sometimes locked by the UAC when running some applications.
some applications might throw exceptions in such situation, when we need administrative privileges to do some task, if they don’t request for UAC elevation by the application. only option to make these application is to right click and select “Run as Administrator” to manually trigger UAC.
In this post I’m going to show how to request for UAC Elevation for a .net Application. this explains the use of Application Manifests that request the OS for UAC elevation.
Code
I have my sample windows form C# Project with a single form that shows a message box on form load,showing whether you are an administrator or not.
private void Form1_Load(object sender, EventArgs e) { bool isAdmin = new WindowsPrincipal(WindowsIdentity.GetCurrent())
.IsInRole(WindowsBuiltInRole.Administrator) ? true : false; if(isAdmin) { MessageBox.Show("you are an administrator"); } else { MessageBox.Show("You are not an administrator"); } }
in the above code we use WindowsPrincipal class, which allows us to check the Windows group membership of a Windows user. to use this classes un need to use the following namespace in the code:
using System.Security.Principal;
when you compile this application and run , you would expect that it will show the message saying “you are an administrator” if you are logged in as an administrator account. well this is what you get if you have UAC enabled, not something you expected right ?
ok now we need to make our application to request for UAC elevation. first we need to create a manifest file with the application name.
Create Manifest File
First add a new item to the project with the name with following format, <applicationname>.exe.manifest . in our case (ElevationTest.exe.manifest). and add the following XML:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <assemblyIdentity version="1.0.0.0" name="ElevationTest" type="win32"/> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"> <security> <requestedPrivileges> <requestedExecutionLevel level="requireAdministrator"/> </requestedPrivileges> </security> </trustInfo> </assembly>
and the next step is to add the manifest in to the built executables Win32Resources by embedding it. to do this we need to use the MT.exe in the .Net SDK. by default it can be found in “C:\Program Files\Microsoft SDKs\Windows\v6.0A\Bin\”.
we can use the following command to embed the manifest through visual studio command line:
mt.exe –manifest MyApp.exe.manifest -outputresource:MyApp.exe;1
or
mt.exe –manifest MyLibrary.dll.manifest -outputresource:MyLibrary.dll;2
(1 for an EXE, 2 for a DLL.)
to make things easier we can add this command to the postbuild event of the project :
below is the full post build command:
"C:\Program Files\Microsoft SDKs\Windows\v6.0A\Bin\mt.exe" -manifest "$(ProjectDir)$(TargetName).exe.manifest" –outputresource:"$(TargetDir)$(TargetFileName)";#1
once you have built the application successfully if you see the output directory you will see the icons will have a shield on them indicating that the application requires UAC elevation.
And now if you run your built application it will prompt for UAC : and when you click on allow the application will show you the following Message :
That’s it you have your application ready to request UAC Elevation in the new operating systems.
hope it helps.
