I'm not really experienced with the whole WPF/UAC stuff, as I mostly do scripting with PowerShell & AutoIt...but now I'm working on developing an application for an enterprise environment with >100.000 devices which does some admin rights work in the background and shows a GUI to the user (allowing him to perform some actions).
How it should work:
- The app installer is ran with system rights via software distribution, it installs the WPF app, creates a task scheduler entry for it (to run every day) and a Start Menu shortcut.
- The app is then started by the scheduler & it does some background checks for a few prerequisites.
- If the prerequisites are satisfied, it triggers a Win10 toast notification, showing the user some information and pointing him to open the GUI.
Now, the tricky part:
- If the user clicks on the notification to open the app or the user starts it from the Start Menu shortcut, the app should run nicely and show him the GUI to interact with (postpone the checking within a timeframe / take action now).
What I tried:
- Have the app always run with admin rights. This does not work if the app is started by a normal user from the Start Menu, for example. Obviously, users don't have admin rights, given the enterprise environment, so they won't be able to provide credentials at the UAC prompt (if you set the requestedExecutionLevel to admin). Even if they would, this is not ok from a user experience perspective...
- Build the background admin work into a Windows Service and call this service from the main app (GUI). This also does not work, because access to the service is denied for the simple enterprise user...I tried setting the service access modifier in the installer to public, but this does not help either.
I have all the code ready (~7.500 lines), but I can't put it to use & I'm starting to lose my mind! Please help out a fellow IT guy from ending up in the loony bin :)
