HOW to run my app with system level privilleges

If you have it pinned to the taskbar you can press and hold CTRL+SHIFT and left mouse click on it, or you can right mouse click and select "Run as Administrator". You will be asked to confirm your action. The app will run with elevated rights.

I want to know the code that will make it run with all privilleges.

If you have it pinned to the taskbar you can press and hold CTRL+SHIFT and left mouse click on it, or you can right mouse click and select "Run as Administrator". You will be asked to confirm your action. The app will run with elevated rights.

The suggestions I made will allow you to run with administrator rights. If there was code you could put in your program to do this automatically then any malicious program would be able to include it and thus defeat the purpose of UAC.

There is a method that you could use that involves setting up a task in the task scheduler and setting the elevated rights in that task. Then you would have to create a shortcut to execute that task in the scheduler. That would circumvent the UAC pop-up. I don't have the details handy but I will try to find them for you.

I found the article. I hope it helps.

http://www.howtogeek.com/howto/windows-vista/create-administrator-mode-shortcuts-without-uac-prompts-in-windows-vista/

thankss for your effort

but actually i should explain the problem in detail
i'm trying to make an explorer like application.
but when i try to access the my documents folder or videos or pictures folder.....it shows an error indicating UNAUTHORISED ACCESS

But if you run the explorer-like app using the method in my link then it will run the access rights sufficient to access all folders. The alternative is to pin the app to your taskbar then CTRL-Shift click. This will pop up the UAC dialog which will give you the same rights as the task scheduler/schtasks workaround.

I don't see the problem.

I have an application (Songbird media player) that for whatever reason needs to save a setting in a restricted folder. I've mentioned this to the developers but the "bug" remains. Every time I run Songbird it pops up the UAC. Really annoying. I created a task scheduler entry named "songbird" and I specified that it should run with highest rights. I created a shortcut with

schtasks /run /tn "songbird"

as the target. Now when I run the shortcut, Songbird starts without the UAC nonsense. Of course it is very important that you trust the program that you are giving these access rights to. Songbird is open source and I have checked out the source code. You are rolling your own app so unless your app does something really bad (due to a bug) then I don't see a problem.

You need to go into the project properties and click View Windows Settings. Once there you will see a code like this:

<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <!-- UAC Manifest Options
            If you want to change the Windows User Account Control level replace the 
            requestedExecutionLevel node with one of the following.

        <requestedExecutionLevel  level="asInvoker" uiAccess="false" />
        <requestedExecutionLevel  level="requireAdministrator" uiAccess="false" />
        <requestedExecutionLevel  level="highestAvailable" uiAccess="false" />

            Specifying requestedExecutionLevel node will disable file and registry virtualization.
            If you want to utilize File and Registry Virtualization for backward 
            compatibility then delete the requestedExecutionLevel node.
        -->
        <requestedExecutionLevel level="[B][U]asInvoker[/U][/B]" uiAccess="false" />
      </requestedPrivileges>
    </security>
  </trustInfo>

Above I have made the code you need to change in bold. You now need to change the code by adding requireAdministrator. So now you should have your code looking like so:

<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <!-- UAC Manifest Options
            If you want to change the Windows User Account Control level replace the 
            requestedExecutionLevel node with one of the following.

        <requestedExecutionLevel  level="asInvoker" uiAccess="false" />
        <requestedExecutionLevel  level="requireAdministrator" uiAccess="false" />
        <requestedExecutionLevel  level="highestAvailable" uiAccess="false" />

            Specifying requestedExecutionLevel node will disable file and registry virtualization.
            If you want to utilize File and Registry Virtualization for backward 
            compatibility then delete the requestedExecutionLevel node.
        -->
        <requestedExecutionLevel level="[B][U]requireAdministrator[/U][/B]" uiAccess="false" />
      </requestedPrivileges>
    </security>
  </trustInfo>

Hope this helps you out with your application!

-Chris

All that does is define the right that the program requires when run. It still results in the UAC pop-up when he tries to run the program. I modified one of my existing vb apps as you said and I was prompted with the UAC pop-up. The method I suggested above is a little awkward to set up but it results in a cleaner (no pop-up) start.

Yes, you just click yes but what person will click no? I am sure someone may but most people click Yes because as Americans, some of us, are lazy at reading prompts so we click Yes just because we feel obligated to agree to something otherwise we think it will not work ;)

My point is that with your method YOU MUST CLICK YES to run the app. With my method you don't have to click anything which is what I believe the OP wanted.

Oh, I am sorry. I was not aware that you had posted a method to bypass the UAC prompt.

Well that explains it then.

Back to the OP's question. If I do remember right, Explorer won't let you open C:\Users\NN folder unless you're NN. It's a good programming practice not to ask user to have admin rights for your app. It's totally waste of time because standard users do not know admin password and the admins do know how to get past the UAC.

If you want a standard user to have (permanent) access to some folder, you could consider giving him/her the ownership for the folder first and after that set the proper ACLs.

But making your app to be run as a SYSTEM is impossible AFAIK. Or can someone prove that I'm wrong about that :)

HTH

I just tried a quick test. I opened Explorer and tried to browse to c:\Windows\Temp. I was prompted with a pop-up that said "You don't currently have permission to access this folder. Click Continue to permanently get access to this folder."

I then created an Explorer shortcut and ran it as Administrator. I got the same pop-up so it appears Admin rights are not sufficient as you pointed out. However, it seems that either with those rights Windows is still willing to give access.

thanxxx but i've already tried it. It doesn't work.

You need to go into the project properties and click View Windows Settings. Once there you will see a code like this:

<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <!-- UAC Manifest Options
            If you want to change the Windows User Account Control level replace the 
            requestedExecutionLevel node with one of the following.

        <requestedExecutionLevel  level="asInvoker" uiAccess="false" />
        <requestedExecutionLevel  level="requireAdministrator" uiAccess="false" />
        <requestedExecutionLevel  level="highestAvailable" uiAccess="false" />

            Specifying requestedExecutionLevel node will disable file and registry virtualization.
            If you want to utilize File and Registry Virtualization for backward 
            compatibility then delete the requestedExecutionLevel node.
        -->
        <requestedExecutionLevel level="[B][U]asInvoker[/U][/B]" uiAccess="false" />
      </requestedPrivileges>
    </security>
  </trustInfo>

Above I have made the code you need to change in bold. You now need to change the code by adding requireAdministrator. So now you should have your code looking like so:

<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <!-- UAC Manifest Options
            If you want to change the Windows User Account Control level replace the 
            requestedExecutionLevel node with one of the following.

        <requestedExecutionLevel  level="asInvoker" uiAccess="false" />
        <requestedExecutionLevel  level="requireAdministrator" uiAccess="false" />
        <requestedExecutionLevel  level="highestAvailable" uiAccess="false" />

            Specifying requestedExecutionLevel node will disable file and registry virtualization.
            If you want to utilize File and Registry Virtualization for backward 
            compatibility then delete the requestedExecutionLevel node.
        -->
        <requestedExecutionLevel level="[B][U]requireAdministrator[/U][/B]" uiAccess="false" />
      </requestedPrivileges>
    </security>
  </trustInfo>

Hope this helps you out with your application!

-Chris

sir, i'm trying to access my own documents folder, even then it is shoowing me an error.

Back to the OP's question. If I do remember right, Explorer won't let you open C:\Users\NN folder unless you're NN. It's a good programming practice not to ask user to have admin rights for your app. It's totally waste of time because standard users do not know admin password and the admins do know how to get past the UAC.

If you want a standard user to have (permanent) access to some folder, you could consider giving him/her the ownership for the folder first and after that set the proper ACLs.

But making your app to be run as a SYSTEM is impossible AFAIK. Or can someone prove that I'm wrong about that :)

HTH

i'm trying to access my own documents folder, even then it is shoowing me an error.

And you're logged in with your own credentials? You should be able to open your C:\Users\NN folder and Library's folders. There are some sub-folders in those folders which give you Access Denied. Some are junction points i.e. not "real" folders but links to folder.
BTW, I checked this on my Win7 machine but it should be pretty same with Windows Vista.

HTH

yes i'm logged in with my own credentials.....n i'm the admin too.

And you're logged in with your own credentials? You should be able to open your C:\Users\NN folder and Library's folders. There are some sub-folders in those folders which give you Access Denied. Some are junction points i.e. not "real" folders but links to folder.
BTW, I checked this on my Win7 machine but it should be pretty same with Windows Vista.

HTH

You are finding the My Documents folder using this path correct?

System.Environment.GetFolderPath(Environment.SpecialFolder.MyDocuments)

NOPES
actually the code is:-

drives = System.IO.Directory.GetLogicalDrives
dirs = drives
ListBox1.Items.AddRange(dirs)


[B]on double click[/B]
sel = ListBox1.SelectedItem
ListBox1.Items.Clear()
dirs = System.IO.Directory.GetDirectories(dir)
ListBox1.Items.AddRange(dirs)

but whenever i try to open my documnets folder or mypictures or my music or my videos folder...it says unauthorised access
everything else works good.

You are finding the My Documents folder using this path correct?

System.Environment.GetFolderPath(Environment.SpecialFolder.MyDocuments)

Use the code I posted as the path and it should work. If you are using the code I provided earlier in the post to make the program Run as Admin or using another technique posted, then the path I posted should work. I have an application that creates a text file in the My Documents folder and this code worked for me.

it'll work for surely....but i have to access all the folder of the system...not only documents...so it's just a foolish way to do in the way that you told.

Use the code I posted as the path and it should work. If you are using the code I provided earlier in the post to make the program Run as Admin or using another technique posted, then the path I posted should work. I have an application that creates a text file in the My Documents folder and this code worked for me.

it'll work for surely....but i have to access all the folder of the system...not only documents...so it's just a foolish way to do in the way that you told.

You can use that code but replace the last part (MyDocuments) with the other folders you are accessing.