Vista 权限问题 请教高手怎样使程序以administrator运行,不使用.manifest方式,因为我的程序是一个第三方调用程序,如果使用.manifest方式就必须要求调用程序一样使用.manifest 解决方案 » 免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货 那恐怕没什么好办法除非你杀掉Explorer然后重建这个进程,就可以无视UAC,但是那样会吓人的…… 怎么我不懂你们说什么,vista系统的东西? ShellExecuteuse the runas verb 手动修改24-->1资源 或者以res方式编译到exe<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <assemblyIdentity type="win32" name="CodeGear RAD Studio" version="11.0.2627.5503" processorArchitecture="*"/> <dependency> <dependentAssembly> <assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" publicKeyToken="6595b64144ccf1df" language="*" processorArchitecture="*"/> </dependentAssembly> </dependency> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"> <security> <requestedPrivileges> <requestedExecutionLevel level="requireAdministrator" uiAccess="false"/> </requestedPrivileges> </security> </trustInfo></assembly> 把manifest编译到exe,别人调用你的程序不需要使用manifest的。直接ShellExecute就可以了。RC文件1 24 ****.Manifest //这是个提权函数,在WinXp下完全可以,Vista下可以试一下,没用过Vistaprocedure SetPrivilege;var OldTokenPrivileges, TokenPrivileges: TTokenPrivileges; ReturnLength: dword; hToken: THandle; Luid: int64;begin OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES, hToken); LookupPrivilegeValue(nil, 'SeDebugPrivilege', Luid); TokenPrivileges.Privileges[0].luid := Luid; TokenPrivileges.PrivilegeCount := 1; TokenPrivileges.Privileges[0].Attributes := 0; AdjustTokenPrivileges(hToken, False, TokenPrivileges, SizeOf(TTokenPrivileges), OldTokenPrivileges, ReturnLength); OldTokenPrivileges.Privileges[0].luid := Luid; OldTokenPrivileges.PrivilegeCount := 1; OldTokenPrivileges.Privileges[0].Attributes := TokenPrivileges.Privileges[0].Attributes or SE_PRIVILEGE_ENABLED; AdjustTokenPrivileges(hToken, False, OldTokenPrivileges, ReturnLength, PTokenPrivileges(nil)^, ReturnLength);end; UAC工作时,可用RES集成权限标志 都答非所问,楼主是问如何用API来控制UAC提升权限对话框出现,例如需要安装服务等等,才提升权限,而平时运行就不用提升了,现在很多API调用直接返回没有权限。那些连账号密码都不用,直接提升权限的代码,实际都不能执行的,否则那UAC不是白做了。 我也找了很久这种资料,可能没有API,只能调用另外一个进程,配合进程通讯来完成高权限的工作。这样你就可以用很多方法了1)在另外一个进程里加入manifest2)使用RunAsAdminBOOL RunAsAdmin( HWND hWnd, LPTSTR lpFile, LPTSTR lpParameters ){ SHELLEXECUTEINFO sei; ZeroMemory ( &sei, sizeof(sei) ); sei.cbSize = sizeof(SHELLEXECUTEINFOW); sei.hwnd = hWnd; sei.fMask = SEE_MASK_FLAG_DDEWAIT | SEE_MASK_FLAG_NO_UI; sei.lpVerb = _TEXT("runas"); sei.lpFile = lpFile; sei.lpParameters = lpParameters; sei.nShow = SW_SHOWNORMAL; if ( ! ShellExecuteEx ( &sei ) ) { printf( "Error: ShellExecuteEx failed 0x%x\n", GetLastError() ); return FALSE; } return TRUE;}3)使用CoCreateInstanceAsAdmin创建COM。HRESULT CoCreateInstanceAsAdmin(HWND hwnd, REFCLSID rclsid, REFIID riid, __out void ** ppv){ BIND_OPTS3 bo; WCHAR wszCLSID[50]; WCHAR wszMonikerName[300]; StringFromGUID2(rclsid, wszCLSID, sizeof(wszCLSID)/sizeof(wszCLSID[0])); HRESULT hr = StringCchPrintf(wszMonikerName, sizeof(wszMonikerName)/sizeof(wszMonikerName[0]), L"Elevation:Administrator!new:%s", wszCLSID); if (FAILED(hr)) return hr; memset(&bo, 0, sizeof(bo)); bo.cbStruct = sizeof(bo); bo.hwnd = hwnd; bo.dwClassContext = CLSCTX_LOCAL_SERVER; return CoGetObject(wszMonikerName, &bo, riid, ppv);}估计微软实在想不出安全的方法在进程运行时改变进程的权限吧! 僵哥升星了,为啥不散分啊? 导出成WORD文件 在安装delphi程序时,碰到了一个问题 请问哪里有电子签章开发资料? 请教一小问题,急! 关于toolbar的问题 求共享软件加密算法?急!!! 怎样捕获字段验证异常 高分在线求教一个sql问题 版本问题 谁有<安徽省货物销售发票管理系统>中的fapiao.dcu或者源码pas也行? delphi调用c++的dll时传PAnsiChar的问题
除非你杀掉Explorer然后重建这个进程,就可以无视UAC,但是那样会吓人的……
use the runas verb
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity
type="win32"
name="CodeGear RAD Studio"
version="11.0.2627.5503"
processorArchitecture="*"/>
<dependency>
<dependentAssembly>
<assemblyIdentity
type="win32"
name="Microsoft.Windows.Common-Controls"
version="6.0.0.0"
publicKeyToken="6595b64144ccf1df"
language="*"
processorArchitecture="*"/>
</dependentAssembly>
</dependency>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel
level="requireAdministrator"
uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
1 24 ****.Manifest
procedure SetPrivilege;
var
OldTokenPrivileges, TokenPrivileges: TTokenPrivileges;
ReturnLength: dword;
hToken: THandle;
Luid: int64;
begin
OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES, hToken);
LookupPrivilegeValue(nil, 'SeDebugPrivilege', Luid);
TokenPrivileges.Privileges[0].luid := Luid;
TokenPrivileges.PrivilegeCount := 1;
TokenPrivileges.Privileges[0].Attributes := 0;
AdjustTokenPrivileges(hToken, False, TokenPrivileges, SizeOf(TTokenPrivileges), OldTokenPrivileges, ReturnLength);
OldTokenPrivileges.Privileges[0].luid := Luid;
OldTokenPrivileges.PrivilegeCount := 1;
OldTokenPrivileges.Privileges[0].Attributes := TokenPrivileges.Privileges[0].Attributes or SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hToken, False, OldTokenPrivileges, ReturnLength, PTokenPrivileges(nil)^, ReturnLength);
end;
1)在另外一个进程里加入manifest
2)使用RunAsAdmin
BOOL RunAsAdmin( HWND hWnd, LPTSTR lpFile, LPTSTR lpParameters )
{
SHELLEXECUTEINFO sei;
ZeroMemory ( &sei, sizeof(sei) ); sei.cbSize = sizeof(SHELLEXECUTEINFOW);
sei.hwnd = hWnd;
sei.fMask = SEE_MASK_FLAG_DDEWAIT | SEE_MASK_FLAG_NO_UI;
sei.lpVerb = _TEXT("runas");
sei.lpFile = lpFile;
sei.lpParameters = lpParameters;
sei.nShow = SW_SHOWNORMAL; if ( ! ShellExecuteEx ( &sei ) )
{
printf( "Error: ShellExecuteEx failed 0x%x\n", GetLastError() );
return FALSE;
}
return TRUE;
}3)使用CoCreateInstanceAsAdmin创建COM。
HRESULT CoCreateInstanceAsAdmin(HWND hwnd, REFCLSID rclsid, REFIID riid, __out void ** ppv)
{
BIND_OPTS3 bo;
WCHAR wszCLSID[50];
WCHAR wszMonikerName[300]; StringFromGUID2(rclsid, wszCLSID, sizeof(wszCLSID)/sizeof(wszCLSID[0]));
HRESULT hr = StringCchPrintf(wszMonikerName, sizeof(wszMonikerName)/sizeof(wszMonikerName[0]),
L"Elevation:Administrator!new:%s", wszCLSID);
if (FAILED(hr))
return hr;
memset(&bo, 0, sizeof(bo));
bo.cbStruct = sizeof(bo);
bo.hwnd = hwnd;
bo.dwClassContext = CLSCTX_LOCAL_SERVER;
return CoGetObject(wszMonikerName, &bo, riid, ppv);
}估计微软实在想不出安全的方法在进程运行时改变进程的权限吧!