Delphi: Prompt for UAC elevation when needed

delphi uac elevation
Vegar picture Vegar · May 28, 2009 · Viewed 29.1k times · Source

We need to change some settings to the HKEY_LOCAL_MACHINE at runtime.

Is it possible to prompt for uac elevation if needed at runtime, or do I have to launch a second elevated process to do 'the dirty work'?

Answer

Ian Boyd picture Ian Boyd · Jun 5, 2009

i would relaunch yourself as elevated, passing command line parameters indicating what elevated thing you want to do. You can then jump right to the appropriate form, or just save your HKLM stuff.

function RunAsAdmin(hWnd: HWND; filename: string; Parameters: string): Boolean;
{
    See Step 3: Redesign for UAC Compatibility (UAC)
    http://msdn.microsoft.com/en-us/library/bb756922.aspx

    This code is released into the public domain. No attribution required.
}
var
    sei: TShellExecuteInfo;
begin
    ZeroMemory(@sei, SizeOf(sei));
    sei.cbSize := SizeOf(TShellExecuteInfo);
    sei.Wnd := hwnd;
    sei.fMask := SEE_MASK_FLAG_DDEWAIT or SEE_MASK_FLAG_NO_UI;
    sei.lpVerb := PChar('runas');
    sei.lpFile := PChar(Filename); // PAnsiChar;
    if parameters <> '' then
        sei.lpParameters := PChar(parameters); // PAnsiChar;
    sei.nShow := SW_SHOWNORMAL; //Integer;

    Result := ShellExecuteEx(@sei);
end;

The other Microsoft suggested solution is to create an COM object out of process (using the specially created CoCreateInstanceAsAdmin function). i don't like this idea because you have to write and register a COM object.

Note: There is no "CoCreateInstanceAsAdmin" API call. It's just some code floating around. Here's the Dephi version i stumbled around for. It is apparently based on the trick of prefixing a class guid string with the "Elevation:Administrator!new:" prefix when normally hidden code internally calls CoGetObject:

function CoGetObject(pszName: PWideChar; pBindOptions: PBindOpts3; 
      const iid: TIID; ppv: PPointer): HResult; stdcall; external 'ole32.dll';

procedure CoCreateInstanceAsAdmin(const Handle: HWND; 
      const ClassID, IID: TGuid; PInterface: PPointer);
var
   BindOpts: TBindOpts3;
   MonikerName: WideString;
   Res: HRESULT;
begin
   //This code is released into the public domain. No attribution required.
   ZeroMemory(@BindOpts, Sizeof(TBindOpts3));
   BindOpts.cbStruct := Sizeof(TBindOpts3);
   BindOpts.hwnd := Handle;
   BindOpts.dwClassContext := CLSCTX_LOCAL_SERVER;

   MonikerName := 'Elevation:Administrator!new:' + GUIDToString(ClassID);

   Res := CoGetObject(PWideChar(MonikerName), @BindOpts, IID, PInterface);
   if Failed(Res) then 
      raise Exception.Create(SysErrorMessage(Res));
end;

One other question: How do you handle someone running as standard user in Windows XP?

Related questions

Developing Apps with Administrator Rights in Delphi

I'm using D2010 under Windows 7 to write an app that seems to require admin rights (I think because it uses COM to communicate with a third party .exe, which also requires admin rights). I've added the manifest resource as required, …

Read More
Looking for Delphi 7 code to detect if a program is started with administrator rights?

I am looking for working (obviously) Delphi 7 code so I can check whether my program is started with administrator rights. Thanks in advance [--- IMPORTANT UPDATE ---] Having reviewed the code in the answers so far, I realise that my …

Read More
How to add manifest <requestedPrivileges> info into delphi project

What is the easiest way to add the <requestedPrivileges> manifest info to a Delphi XE project (.exe)? Is it possible to add just the required node like: <requestedPrivileges> <requestedExecutionLevel level="requireAdministrator"/> </requestedPrivileges> …

Read More