Re: How to run just installed program as administrator one time
Hello,
First of all, you should NOT run your application with administrator execution level privileges by default! NEVER EVER! This is a design failure because only "system tools" should run elevated by default (if needed). Your own application should always run non-elevated by default.
If your application is a system tool you should embed an UAC manifest which requests the "requireAdministrator" execution level. There should be an option in WinDev to do this. If WinDev can't handle it, you can use the "#embed UAC manifest..." compiler directive in SetupBuilder to embed a manifest into your application .exe.
Another option (NOT recommended because the functionality is only there to handle completely outdated legacy applications) is to use "Set App Compatibility Mode..." function and enable the "Run this program as administrator" checkbox.
Does this help?
By the way, the following is a very brief description of how to make an application "UAC-aware" and Win8-compliant:
-- Standard Application (YOUR APPLICATION):
1. Embed an UAC manifest into your main application (.EXE). A manifest basically tells Windows how aware the program is about the recent Windows versions (and disables "Virtualization" and unwanted legacy Installer Detection Technology). You should include a manifest for Windows 8 because it's fully backward compatible with all previous Windows versions.
2. Request "asInvoker" execution level privileges through the manifest for your application.
3. Code-sign all your application files (e.g. .EXE, .DLL). Use a certificate signed by a CA, e.g. Comodo, VeriSign, etc.
4. Your application should not depend on any administrative APIs. Administrative APIs are APIs that never work without elevation. For example, the RegSaveKeyEx API. Or ACL manipulation APIs, etc..
5. Do not write per-user information or user-writable information to the Program Files folder tree.
6. Do not write to any other protected Windows area (e.g. the OS drive root folder, the "Windows" folder tree, etc.).
7. Do not write to the HKEY_LOCAL_MACHINE or any other protected registry key.
-- Standard Installation (SETUP.EXE):
1. Use an UAC-aware installation system. By default, installations run elevated (requireAdministrator). Do NOT request asInvoker or highestaAailable if you install per-machine and you need access to protected
Windows areas.
2. Install applications per-machine (all users) and store per-user data in different locations.
3. Do not install Quick Launch shortcuts.
4. Never write to per-user locations from the elevated running installer. That means, never write to the HKEY_CURRENT_USER registry key or to per-user file locations.
5. Launch applications non-elevated at the end of the installation process.
6. Code-sign the installer. Use a certificate signed by a CA, e.g. Comodo, VeriSign, etc.
Note: if you have to install "per-user" data, install it to a common location and as a "first run" action of your main application, copy the data from the common location into a per-user location.
Respect the recommended (default) locations for applications and data files, but provide users with an option to select another installation location for both. A true "Mixed User Application" should work elevated and non-elevated.
That's it :-)
--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910
--Helping You Build Better Installations
--SetupBuilder "point. click. ship"
--Create Windows 8 ready installations in minutes
--Official Comodo Code Signing and SSL Certificate Partner
Reply With Quote
