"Nick Rivers" <firstname.lastname@example.org> wrote in message
> I need to write an UAC compatible application that should work for
> standard and admin users.
> This application should use DIFx 2.1 to install or update a hardware
> device, but only if necessary.
> What I┤ve done so far:
> -linked DIFxAPI.lib
> -embedded .manifest with 'highestAvailable' privileg setting
> -check the users token to determine if the user has privileges to install
> update a device driver if necessary
> -using DriverPackageInstall to install/update device driver
> When a standard user runs my application and the hardware device needs to
> be installed or updated he will be prompted that he needs admin rights to
> install/update the hardware device. UAC does not prompt.
> When a admin group user runs my application UAC prompts with the "A
> program needs your permission to continue" dialog and then runs through
> installing or updating the device if necessary.
> I am not sure if this is the correct and best way to create the
> application. Best for me would be, if UAC would not prompt any dialogs for
> all users. I know that I could also use ShellExecuteEx with 'RunAs' to
> launch an executable that needs admin privileges.
> I really appreciate any advice or improvement.
If the program needs to do something that requires administrator privileges
then at some point everyone using that function of the program will see a
uac prompt including administrators. That is the whole point of uac, to
notify the user that the program is doing something that will affect the
system and give them the choice to allow it or not. You can either set the
program to run in administrator mode or program it ask for elevated
privileges only when it actually needs them. In the first case everyone who
runs the program will see a uac prompt every time they run the program. In
the second case only those people using the function that requires
administrator privileges will see the uac prompt.
There are some good tips in some of the documents you can download here:
Microsoft MVP - Shell/User