UAC controls in Windows 7

Started by Andy, January 10, 2011, 07:56:55 AM

Andy

Hi,

Just noticed a strange problem in Windows 7. I have a program called 'iconrestore.exe'.  It is added to msconfig so it runs when a user logs into Windows, but if the UAC is turned on Windows automatically logs off.

The program checks to see if the user is allowed to log on at any given time / day. This has been tested on many PCs / laptops, but this problem only occurs in Windows 7 when UAC is turned ON?

Do I have to run this program with elevated rights OR is there a way to tell UAC that this program is ok to run without a user clicking "allow this program" etc.?

My project is nearly finished and I would like to show the project and hopefully share any "secrets" used in my code.

Can anyone help / give examples?

Thanks,
Andy.
Day after day, day after day, we struck nor breath nor motion, as idle as a painted ship upon a painted ocean.

Copex

January 10, 2011, 12:50:59 PM #1 Last Edit: January 10, 2011, 01:17:55 PM by Copex
Have a look at this, it may help you out, if I understand the question. You need to look into process privilege.

You can also look at this code:
http://ebasic-aurora.com/forums/index.php?topic=4269.msg33174#msg33174

If you compile the code below it will log the user off. Tested running Win7 x64 with UAC on. (Just before anyone starts, I didn't write this code.)

DECLARE IMPORT, _ExitWindowsEx ALIAS ExitWindowsEx(uFlags AS INT,dwReserved AS INT),INT
DECLARE "kernel32",GetCurrentProcess(),INT
DECLARE "kernel32",GetVersion(),INT

DEF version:INT
version = GetVersion()

'ExitWindowsEx flags
SETID "EW_RESTARTWINDOWS",0x0042
SETID "EW_REBOOTSYSTEM",  0x0043
SETID "EW_EXITANDEXECAPP",0x0044
SETID "ENDSESSION_LOGOFF",0x80000000
SETID "EWX_LOGOFF",   0
SETID "EWX_SHUTDOWN", 1
SETID "EWX_REBOOT",   2
SETID "EWX_FORCE",    4
SETID "EWX_POWEROFF", 8

'structures needed for security on NT and greater
TYPE LUID
DEF LowPart:INT
DEF HighPart:INT
ENDTYPE

TYPE TOKENPRIVILEGES2
DEF PrivilegeCount:INT
DEF LowPart:INT
DEF HighPart:INT
DEF Attributes:INT
ENDTYPE

'we need some declares for NT (or greater) systems
'in order to change the process privilege to allow
'us to shutdown or restart the system
SETID "SE_PRIVILEGE_ENABLED",0x00000002
SETID "TOKEN_ASSIGN_PRIMARY",    0x0001
SETID "TOKEN_DUPLICATE",         0x0002
SETID "TOKEN_IMPERSONATE",       0x0004
SETID "TOKEN_QUERY",             0x0008
SETID "TOKEN_QUERY_SOURCE",      0x0010
SETID "TOKEN_ADJUST_PRIVILEGES", 0x0020
SETID "TOKEN_ADJUST_GROUPS",     0x0040
SETID "TOKEN_ADJUST_DEFAULT",    0x0080
DECLARE "advapi32",OpenProcessToken(ProcessHandle:INT,Access:INT,TokenHandle:POINTER),INT
DECLARE "advapi32",AdjustTokenPrivileges(TokenHandle:INT,disable:INT,tkp:TOKENPRIVILEGES2,BufferLength:INT,PreviousState:INT,RetLength:INT),INT
DECLARE "advapi32",LookupPrivilegeValueA(SystemName:STRING,Name:STRING,luid:LUID),INT

GOSUB SetShutdownPrivilege
_ExitWindowsEx(0,0)

SUB SetShutdownPrivilege
    'only do for NT or greater
    if((version & 0x80000000) = 0)
        DEF hToken,hProcess:INT
        DEF tkp2:TOKENPRIVILEGES2
        DEF luid:LUID
        hProcess = GetCurrentProcess()
        IF(OpenProcessToken(hProcess,(@TOKEN_ADJUST_PRIVILEGES | @TOKEN_QUERY ),hToken))
            LookupPrivilegeValueA("","SeShutdownPrivilege",luid)
            tkp2.PrivilegeCount = 1
            tkp2.Attributes = @SE_PRIVILEGE_ENABLED
            tkp2.HighPart = luid.HighPart
            tkp2.LowPart = luid.LowPart
            AdjustTokenPrivileges(hToken,0,tkp2,0,0,0)
        ENDIF
    ENDIF
    RETURN
ENDSUB
-
I really should learn how to use a spell checker! though im not sure how it will help someone who can not spell?
-
Except where otherwise noted, content Posted By Copex is
licensed under a Creative Commons Attribution 3.0 License

http://creativecommons.org/licenses/by/3.0/

Andy

Thanks Copex for the code, I'm already using them, but after testing my program I found the problem is access rights to a registry key:

1. I need to be able to read and write to / from the registry key

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies

2. When I use regedit to check the user's permission for that reg key (and sub keys) I see it is set to "Read" NOT "Full Control".

3. How can I change the permissions for that key to "Full Control" in ebasic? I am using the registry.inc file for my registry changes.

The user account name is "User" but could be any name.

When the key is set to "Full Control" my program works even with user account controls on.

Does anyone have any ideas please?

Thanks,
Andy.

Copex

January 12, 2011, 01:09:45 PM #3 Last Edit: January 12, 2011, 01:13:28 PM by Copex
Maybe you need to post an example of what you are trying to do.

I added a few lines of code to the log off example posted above to get the ENV %USERNAME% and, if the username did not = copex, then log the user off. Added the program to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

and it worked as expected.

Maybe this will help (no, I didn't read it):

http://technet.microsoft.com/en-us/library/cc709691%28WS.10%29.aspx

Andy

Hi Copex,

Thanks for the link, there seem to be many frustrated people trying to find the same answer as me.

The problem is in HKEY_CURRENT_USER

With UAC OFF - this works correctly

$INCLUDE "Registry.inc"

DEF result:INT
DEF x$:string

result = RegSetValue("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies", "1234567", "xxx")
x$ = RegGetValue("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies","xxx")

OPENCONSOLE
PRINT x$
DO:UNTIL INKEY$ <> ""
CLOSECONSOLE
END

With UAC ON - blank screen because I cannot read/write to the registry key.
If I change the permissions manually for the registry key to full access for the user it works again.

I'm now looking at a program called "regini.exe" which does change registry key permissions, but I don't know if I'll be successful.

If I find an answer I will post it here, but if anyone has any more ideas I would be grateful.

Thanks Copex,
Andy.


Copex


You need to run the program with the administrative token set before trying to edit the reg. You could also try right clicking your program and setting the compatibility mode to XP and ticking run as admin; not a permanent solution, but it may prove the point.

Also have a read of this (see Requesting elevation) http://en.wikipedia.org/wiki/User_Account_Control

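The behaviour described in the two posts above (the write works with UAC off or after the key is set to "Full Control", and fails with UAC on) can be checked from the token's side with the following PowerShell script. It is an added example, not code from the thread; the function names are made up for illustration, and it only reads the token and the key's ACL.

```powershell
# Added example, not from the thread. Read-only: nothing in the registry is changed.
$subKey = 'Software\Microsoft\Windows\CurrentVersion\Policies'   # key named in the thread
$me     = [Security.Principal.WindowsIdentity]::GetCurrent()

function Test-Elevated {
    # True only when Administrators is an enabled group in the process token,
    # i.e. the full token rather than the UAC-filtered one.
    $principal = New-Object Security.Principal.WindowsPrincipal($me)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Test-KeyWritable([string]$Path) {
    # Request a writable handle; Windows runs the access check against the
    # current token. Returns $null when the key does not exist.
    try {
        $key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey($Path, $true)
        if ($null -eq $key) { return $null }
        $key.Close()
        return $true
    } catch [System.Security.SecurityException] {
        return $false
    } catch [System.UnauthorizedAccessException] {
        return $false
    }
}

function Get-KeyAccessRules([string]$Path) {
    # SIDs that are enabled in this token (deny-only groups are not in .Groups)
    $sids    = @($me.User.Value) + @($me.Groups | ForEach-Object { $_.Value })
    $sidType = [Security.Principal.SecurityIdentifier]
    (Get-Acl -Path "HKCU:\$Path").GetAccessRules($true, $true, $sidType) |
        ForEach-Object {
            $sid = $_.IdentityReference
            try   { $name = $sid.Translate([Security.Principal.NTAccount]).Value }
            catch { $name = $sid.Value }   # unresolvable SID: show it raw
            New-Object PSObject -Property @{
                Identity    = $name
                Type        = $_.AccessControlType
                Rights      = $_.RegistryRights
                InThisToken = ($sids -contains $sid.Value)
            }
        }
}

"User: {0}   Elevated: {1}   Policies key writable: {2}" -f `
    $me.Name, (Test-Elevated), (Test-KeyWritable $subKey)
Get-KeyAccessRules $subKey |
    Format-Table Identity, Type, Rights, InThisToken -AutoSize | Out-String
```

By default this key grants the logged-on user Read only, so that a standard user cannot remove their own policy restrictions, while Administrators and SYSTEM hold Full Control; that is why the write succeeds only from an elevated process. If elevation is done with a different account's credentials, HKEY_CURRENT_USER in the elevated process is that account's hive, not the logged-on user's.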

Andy

Hi Copex,

Thanks for the post, great minds think alike.

I spent all day yesterday testing on a Vista machine and found the same answer, this works well now but still comes up with the UAC prompt.

Program 1: "exec.exe"

DECLARE IMPORT, ShellExecuteA(hwnd as UINT, pOp as POINTER, pFile as POINTER, pParam as POINTER, pDir as POINTER, nShow as INT), UINT
   
sType = "runas"
sFileOrCommand = "RegTest.exe"
sParam = NULL
sWorkDir = "C:\\"
iShowFlag = 5

iRet = ShellExecuteA(0, sType, sFileOrCommand, sParam, sWorkDir, iShowFlag)
END


Program 2: "RegTest.exe"

$INCLUDE "kms.inc"

result = RegSetValue("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies", "0987655", "xxx")
bcr$ = RegGetValue("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies", "xxx")

OPENCONSOLE
PRINT bcr$
DO:UNTIL INKEY$ <> ""
END

Both programs (.exe) saved to "C:\"

This is workable for me now but I would like to stop the UAC prompt and just run the program.

Is there a way to do this? Does anybody know?

I think you have to "sign" your application and/or create a "manifest" file so Windows "knows" about the application waiting to execute - this is beyond me at the moment.

But thanks anyway,
Andy.


Copex


Hmm, you could try running the program as a service, now there is some code floating around.