NewsArchive
08-14-2015, 06:28 AM
User Account Control (UAC) is a technology and security infrastructure
introduced with Microsoft's Windows Vista and Windows Server 2008 operating
systems eight years ago in 2007. And of course, UAC is a fundamental part
of Windows 10. But mapped drives (in user context) is still a frequently
asked question.
Mapped drives are ALWAYS associated with a logon session, not a machine! A
locally unique identifier (LUID) identifies a logon session and a LUID is
generated for each logon session. Because mapped drives are associated with
LUID, and elevated applications are using a different LUID generated during
a separate login event, the elevated application will no longer see any
mapped drives for this user. The elevated and non-elevated administrator
accounts have completely different logon tokens and can therefore have
different drive mappings. That means, a process running non-elevated (e.g.
your own application) and another process running elevated are a part of two
distinct logon sessions. As such, if a drive was mapped in a non-elevated
context (e.g. using Explorer), it will never be visible to an elevated
context (e.g. "per-machine" setup.exe), unless the drive is also mapped in
the elevated context.
To cut a long story short: applications running under a different user token
(elevated and non-elevated) have a totally different set of mapped drives!
Hope that helps a bit.
--
Friedrich Linder
Lindersoft | SetupBuilder | www.lindersoft.com
954.252.3910 (within US) | +1.954.252.3910 (outside US)
--SetupBuilder "point. click. ship"
--Helping You Build Better Installations
--Create Windows 10 ready installations in minutes
--Official COMODO Code Signing and SSL Certificate Partner
introduced with Microsoft's Windows Vista and Windows Server 2008 operating
systems eight years ago in 2007. And of course, UAC is a fundamental part
of Windows 10. But mapped drives (in user context) is still a frequently
asked question.
Mapped drives are ALWAYS associated with a logon session, not a machine! A
locally unique identifier (LUID) identifies a logon session and a LUID is
generated for each logon session. Because mapped drives are associated with
LUID, and elevated applications are using a different LUID generated during
a separate login event, the elevated application will no longer see any
mapped drives for this user. The elevated and non-elevated administrator
accounts have completely different logon tokens and can therefore have
different drive mappings. That means, a process running non-elevated (e.g.
your own application) and another process running elevated are a part of two
distinct logon sessions. As such, if a drive was mapped in a non-elevated
context (e.g. using Explorer), it will never be visible to an elevated
context (e.g. "per-machine" setup.exe), unless the drive is also mapped in
the elevated context.
To cut a long story short: applications running under a different user token
(elevated and non-elevated) have a totally different set of mapped drives!
Hope that helps a bit.
--
Friedrich Linder
Lindersoft | SetupBuilder | www.lindersoft.com
954.252.3910 (within US) | +1.954.252.3910 (outside US)
--SetupBuilder "point. click. ship"
--Helping You Build Better Installations
--Create Windows 10 ready installations in minutes
--Official COMODO Code Signing and SSL Certificate Partner