Getting Vista UAC elevation to work for web deployed ClickOnce applications

Normally you can’t have ClickOnce applications that are deployed over the web run with Vista UAC elevation prompts. It’s not something Microsoft supports. Not sure why. I guess it’s once-bitten twice-shy, coming from the whole ActiveX mess. So I guess I do kind of understand why.

There is a workaround, if you really need UAC elevation, which you shouldn’t. But at a high level, it works like this. You create your ClickOnce app like you would normally. To go with it, you create a helper app that you equip with an embedded elevation manifest. You then add a test to your ClickOnce app to see if it’s running elevated. If it isn’t you make it call the helper app. It will cause a UAC elevation prompt and in turn launch the ClickOnce app anew. Since the helper got elevated, the ClickOnce app now runs elevated too. Of course, by doing this you might end up with users not accepting the elevation request. But from what I’ve seen real users do with those elevation prompts, it won’t matter much. Anyway.

The trick is getting the helper app included in the regular ClickOnce app. There may be better ways, but here’s one I’ve spent quite some time on to work out. Maybe it will help someone out there save time, like I’ve saved time by reading posts on elevation checks using managed code. So here are the steps I’ve followed to make this work:

  1. Modify your ClickOnce app’s entry point to include elevation checks as described at http://www.itwriting.com/blog/?p=198. If the app is not running elevated, make it run the helper application and exit. The launch looks something like this:

    ProcessStartInfo

    psi = new ProcessStartInfo(“Helper.exe”);
    psi.UseShellExecute = true;
    Process.Start(psi);

    The UseShellExecute flag makes sure the UAC prompt will happen.

  2. Create your helper application with an elevation manifest (the process for that is at Catherine Heller’s blog) and have it launch your app with something like this:

    string
    appExe = Environment.GetFolderPath(Environment.SpecialFolder.Programs) + @”\YourClickOnceApp\ClickOnceApp.appref-ms”;
    Process.Start(appExe);

    As you can see the whole scenario only works if you let the ClickOnce app create a Start Menu entry.

  3. Build and publish both applications, making sure they use the option to rename the published files to .deploy extensions. This helps tremendously with web deployment.

  4. Find the published helper .deploy files and copy them to the folder that contains the ClickOnce application’s .deploy files.

  5. Open the ClickOnce application’s .exe.manifest file using MageUI. Go to the Files section and click the Populate button to include the helper app and its manifest in the fileset for the ClickOnce app. Save and sign the manifest. I used a stored certificate for the signing.

  6. Open the ClickOnce application’s .application deployment manifest using MageUI. This is probably in the directory above the .deploy files. Open the Application Reference section. Click the Select Manifest… button and browse down to the manifest you modified in step 5. Save and sign the manifest. I used the stored certificate from step 5.

  7. Now you have all the needed files packaged for uploading to your web server.

This is what will happen when the user downloads the app for the first time: A verification window shows briefly, followed by a download warning, followed by a download progress window. Now the UAC prompt will come, and if accepted, another verification window. Then the app will show.

On subsequent launches of the app the user will see the verification window, followed by the UAC prompt, followed by another verification window. Then the app will show.

It’s not pretty, but at least it works.

If you try these steps out and they don’t work, I’d appreciate an opportunity to correct them.

————————————————-

P.S.: The manifest generation step looks like this for C# projects:

“$(DevEnvDir)..\..\VC\bin\mt.exe” -manifest “$(ProjectDir)$(TargetName).exe.manifest”  ?outputresource:”$(TargetDir)$(TargetFileName)”;#1

The .exe.manifest for the helper needs to look something like this (you can leave out the commented parts):

<?

xml version=1.0 encoding=utf-8 ?>

<assembly xmlns=urn:schemas-microsoft-com:asm.v1 manifestVersion=1.0>

<assemblyIdentity version=1.0.0.0 processorArchitecture=msil name=Helper type=win32 />

<description>Helper</description>

<trustInfo xmlns=urn:schemas-microsoft-com:asm.v3>

<security>

<requestedPrivileges>

<requestedExecutionLevel level=requireAdministrator />

<!–<requestedExecutionLevel level=”asInvoker” />–>

<!– <requestedExecutionLevel level=”highestAvailable” /> –>

</requestedPrivileges>

</security>

</trustInfo>

</assembly>

7 Comments

  1. Pingback: ServiceController on Vista | keyongtech

  2. Chris

    New to C#… what is MageUI? Where is it? How do I launch it, etc, etc…. Thanks for the helpful post!

  3. Mike S.

    I’ve implemented part of this solution, and have run into an issue that simply a reference to Process.StartupInfo in the RunAsAdmin() function causes the ClickOnce Installer to crash.

    I would think that having the ability to launch processes would be a full trust situation, which requires elevation, which is not supported in the Internet Zone.

    What am I missing? What’s the manifest for the ClickOnce application supposed to look like (as opposed to the manifest for the helper application).

    Help!

  4. Mike, I’m not sure. It’s been so long now. I think the manifest for the helper app needs to require admin privileges (and so does the manifest for the real app). If I remember correctly, I just added the trustInfo-security-requiredPrivileges-requestedExecutionLevel xml snippets to the manifest Visual Studio generates for a web deployment project.

  5. Mike S.

    I tried adding those, and got some errors – but I probably just screwed something up.
    If I find out what I did wrong, I’ll update here.
    THanks!

  6. Pingback: Jason Shuler's Tech Blog » Getting a poorly designed ClickOnce application to Run As Administrator

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.