How do you work with UAC when creating a process as another user?

Question

How do you work with UAC when creating a process as another user?

I have a problem with UAC and executing a non-interactive process as another user (APIs like CreateProcessAsUser or CreateProcessWithLogonW).

My program is designed to perform the following actions:

1) Create a new Windows user account (check if it works correctly)

2) Create a non-interactive child process as a new user account (crash when using UAC)

My application includes an admin manifest and enhances validity when UAC is enabled to complete step 1.

But step 2 is not performed correctly. I suspect this is because a child process that runs as another user does not inherit the elevated rights of my main process (which runs as an interactive user).

I would like to know how to solve this problem. When UAC is off, my program is working correctly. How can I deal with UAC or the required elevated rights in this situation?

If this helps, the child process should start as another user in order to configure file encryption for the new user account.

+3

uac

sysrpl Mar 26 '10 at 13:32

source share

2 answers

Heinrich Ulbricht · Answer 1 · 2010-03-29T18:40:00+0000

The reason the spawned process does not have administrator privileges when using CreateProcessWithLogon and CreateProcessAsUser is explained in this blog post:

http://blogs.msdn.com/cjacks/archive/2010/02/01/why-can-t-i-elevate-my-application-to-run-as-administrator-while-using-createprocesswithlogonw.aspx

: CreateProcess - , . ShellExecute (Ex) . , bootstrapper CreateProcessWithLogon/CreateProcessAsUser, , ( ), ShellExecute (Ex), ( "runas" lpVerb ). , ShellExecuteWithLogon, Windows.

, .

David Bertrand · Answer 2 · 2016-02-16T18:09:22+0000

Windows 7 UAC.

UAC , CreateProcessWithLogon , LogonUser LOGON32_LOGON_INTERACTIVE. .

, LogonUser LOGON32_LOGON_BATCH, . , CreateProcessWithToken.

How do you work with UAC when creating a process as another user?

More articles: