12

I have configured my .NET application using an application manifest to request administrator privileges. I have also signed the assembly using signtool. Everything works great—when you start the application, you get the nice UAC prompt with the application's name and the name of the signing certificate.

However, when I run the application from a network share, the elevation prompt displays the generic executable icon, not my application's icon. How do I make the UAC prompt display my application's icon instead?

Will Rogers
  • 431
  • 1
  • 5
  • 14

3 Answers3

3

I probably found out.

UAC runs on top of a service, the dialog we see is on top of the desktop snapshot. The service would just display the dialog box as if it were on the desktop.

As we know services run on SYSTEM account (among few others). This means it needs SYSTEM to have rights on the executable we are launching. I assigned security to myself only exclusively (stripped out SYSTEM).

As soon as I gave rights to SYSTEM (read rights only!), and launched the application - it showed the application icon!

Ajay
  • 18,086
  • 12
  • 59
  • 105
1

Could it be related to the question: Why does my .NET application crash when run from a network drive?

That your .net application has other rights on the network share than on your local disk. Updating to 3.5 SP1 will normally remove this issue. Otherwise, check the policies for remote code for .net.

Also you could try an other non .net application (procmon for instance) which required elevation to put it in the same dir and see what happens.

Community
  • 1
  • 1
Davy Landman
  • 15,109
  • 6
  • 49
  • 73
  • I did have to patch all the user machines to 3.5 SP1 to get the app to even launch from the network share. I've just tried your suggestion, running procmon from the share, and the same thing happens. Generic icon. So, it appears this might be a limitation of Windows? – Will Rogers Jan 22 '09 at 20:32
  • it might be a feature of UAC, or a policy thing? I've just tried that, and indeed, UAC on a network location does not show the normal icon. – Davy Landman Jan 22 '09 at 21:01
1

Apparently it's not something with .net, but with UAC.

I've reproduced the behavior by placing procmon from systinternals on a network share and saw the same difference.

Maybe it has something to do that when switching to an elevated session another user is used. The network mapping is done on the general user, so in the elevated session the application could not be found and therefor it's not possible to display the icon?

You could try to do the following to force the connection to be valid on in the elevated session:

  • start an elevated command promt
  • net use \\your-network-location\share /user:<username> <password>
  • now go to start->run and start \\your-network-location\share\procmon.exe(to be on the safe side avoid a mapped drive) and see if the UAC prompt improves?
Davy Landman
  • 15,109
  • 6
  • 49
  • 73