0

I am currently working on a Windows Forms application that, for some functionality, needs admin privileges to modify an .ini file for a legacy application that is referenced. However, it is known that no all users will have admin rights.

My current idea is to add an app.manifest file to the solution and set the requestedExecutionLevel to highestAvailable in order to request admin rights if possible and otherwise run at the default security. app.manifest settings for reference:

<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
    <!-- UAC Manifest Options
         If you want to change the Windows User Account Control level replace the 
         requestedExecutionLevel node with one of the following.

    <requestedExecutionLevel  level="asInvoker" uiAccess="false" />
    <requestedExecutionLevel  level="requireAdministrator" uiAccess="false" />
    <requestedExecutionLevel  level="highestAvailable" uiAccess="false" />

        Specifying requestedExecutionLevel element will disable file and registry virtualization. 
        Remove this element if your application requires this virtualization for backwards
        compatibility.
    -->
    <requestedExecutionLevel level="highestAvailable" uiAccess="false" />
  </requestedPrivileges>

My question is, is it then possible to detect the execution level so I can then modify the app's behavior based on if the user has admin access?

Edit: I am looking for a way to check specifically if the the app itself is run at an elevated level as opposed to at a default security if possible. The suggested solution of validating the user's permissions level is a potential/partial solution, but I would much prefer, if possible, to verify the behavior of the app directly as opposed to potential level of the user. Thank you.

user16768946
  • 103
  • 5
  • Does https://stackoverflow.com/questions/509292/how-can-i-tell-if-my-process-is-running-as-administrator help you? – PMF Nov 18 '21 at 19:24
  • Does this answer your question? [How can I tell if my process is running as Administrator?](https://stackoverflow.com/questions/509292/how-can-i-tell-if-my-process-is-running-as-administrator) – PMF Nov 18 '21 at 19:24
  • Note that "highestAvailable" will not grant you elevated rights, even if the user _is_ admin. – PMF Nov 18 '21 at 19:25
  • @PMF The looks along the right route. That question's answer appears to detect if the user is a valid admin which is a potential solution, but the comments on the question raise concerns that detecting the user's rights does not inherently give the status of the app. That could be a solution if necessary, but I would prefer a method to directly detect if the app itself is run at that level if possible. – user16768946 Nov 18 '21 at 20:12
  • I think answer 3 on that page is what you're looking for. – PMF Nov 19 '21 at 05:57
  • @PMF What sorting type do you use when talking about "answer 3"? Better name the answer's author or provide a direct link to the answer. – Robert Nov 19 '21 at 09:30
  • @Robert Sorry. I mean the answer from Brian Legend. – PMF Nov 19 '21 at 09:55
  • @PMF Oh I see. That looks like what I am looking for. I will do testing with this code. Thank you. – user16768946 Nov 19 '21 at 18:52

0 Answers0