UAC - Elevated COM object
-
Has anyone gotten on-the-fly elevation through an elevated COM object working correctly? The MSDN article on the subject (http://msdn2.microsoft.com/en-US/library/ms679687.aspx) presents the following sample code to do it. /////////////////////////////////////////////////////////////////////////////////////// HRESULT CoCreateInstanceAsAdmin(HWND hwnd, REFCLSID rclsid, REFIID riid, __out void ** ppv) { BIND_OPTS3 bo; WCHAR wszCLSID[50]; WCHAR wszMonikerName[300]; StringFromGUID2(rclsid, wszCLSID, sizeof(wszCLSID)/sizeof(wszCLSID[0])); HRESULT hr = StringCchPrintf(wszMonikerName, sizeof(wszMonikerName)/sizeof(wszMonikerName[0]), L"Elevation:Administrator!new:%s", wszCLSID); if (FAILED(hr)) return hr; memset(&bo, 0, sizeof(bo)); bo.cbStruct = sizeof(bo); bo.hwnd = hwnd; bo.dwClassContext = CLSCTX_LOCAL_SERVER; return CoGetObject(wszMonikerName, &bo, riid, ppv); } /////////////////////////////////////////////////////////////////////////////////////// But when I do this, the CoGetObject() call fails with a return code of CO_E_ELEVATION_DISABLED (0x80080017 This class is not configured to support Elevated activation.). The article suggests this is indicative of the absence of a HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{CLSID}\Elevation\Enabled key set to 1. But I've looked in regedit and double- and triple-checked that in my case, that key is there and is set to 1. If I don't try to elevate, I can use CoCreateInstance to use the COM server just fine. But I'm at a loss as to what else I can do to get on-the-fly elevation to work. - Michael
-
Has anyone gotten on-the-fly elevation through an elevated COM object working correctly? The MSDN article on the subject (http://msdn2.microsoft.com/en-US/library/ms679687.aspx) presents the following sample code to do it. /////////////////////////////////////////////////////////////////////////////////////// HRESULT CoCreateInstanceAsAdmin(HWND hwnd, REFCLSID rclsid, REFIID riid, __out void ** ppv) { BIND_OPTS3 bo; WCHAR wszCLSID[50]; WCHAR wszMonikerName[300]; StringFromGUID2(rclsid, wszCLSID, sizeof(wszCLSID)/sizeof(wszCLSID[0])); HRESULT hr = StringCchPrintf(wszMonikerName, sizeof(wszMonikerName)/sizeof(wszMonikerName[0]), L"Elevation:Administrator!new:%s", wszCLSID); if (FAILED(hr)) return hr; memset(&bo, 0, sizeof(bo)); bo.cbStruct = sizeof(bo); bo.hwnd = hwnd; bo.dwClassContext = CLSCTX_LOCAL_SERVER; return CoGetObject(wszMonikerName, &bo, riid, ppv); } /////////////////////////////////////////////////////////////////////////////////////// But when I do this, the CoGetObject() call fails with a return code of CO_E_ELEVATION_DISABLED (0x80080017 This class is not configured to support Elevated activation.). The article suggests this is indicative of the absence of a HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{CLSID}\Elevation\Enabled key set to 1. But I've looked in regedit and double- and triple-checked that in my case, that key is there and is set to 1. If I don't try to elevate, I can use CoCreateInstance to use the COM server just fine. But I'm at a loss as to what else I can do to get on-the-fly elevation to work. - Michael
Do you have to compile the COM object to support elevation using a vista manifest file ?
Darka [Xanya] "I am not a slave to a god that doesn't exist."
-
Has anyone gotten on-the-fly elevation through an elevated COM object working correctly? The MSDN article on the subject (http://msdn2.microsoft.com/en-US/library/ms679687.aspx) presents the following sample code to do it. /////////////////////////////////////////////////////////////////////////////////////// HRESULT CoCreateInstanceAsAdmin(HWND hwnd, REFCLSID rclsid, REFIID riid, __out void ** ppv) { BIND_OPTS3 bo; WCHAR wszCLSID[50]; WCHAR wszMonikerName[300]; StringFromGUID2(rclsid, wszCLSID, sizeof(wszCLSID)/sizeof(wszCLSID[0])); HRESULT hr = StringCchPrintf(wszMonikerName, sizeof(wszMonikerName)/sizeof(wszMonikerName[0]), L"Elevation:Administrator!new:%s", wszCLSID); if (FAILED(hr)) return hr; memset(&bo, 0, sizeof(bo)); bo.cbStruct = sizeof(bo); bo.hwnd = hwnd; bo.dwClassContext = CLSCTX_LOCAL_SERVER; return CoGetObject(wszMonikerName, &bo, riid, ppv); } /////////////////////////////////////////////////////////////////////////////////////// But when I do this, the CoGetObject() call fails with a return code of CO_E_ELEVATION_DISABLED (0x80080017 This class is not configured to support Elevated activation.). The article suggests this is indicative of the absence of a HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{CLSID}\Elevation\Enabled key set to 1. But I've looked in regedit and double- and triple-checked that in my case, that key is there and is set to 1. If I don't try to elevate, I can use CoCreateInstance to use the COM server just fine. But I'm at a loss as to what else I can do to get on-the-fly elevation to work. - Michael
Is it possible that the ACL on that registry key prevents your unelevated process from reading the value stored in the key? Just a wild guess...
Chris Richardson
-
Do you have to compile the COM object to support elevation using a vista manifest file ?
Darka [Xanya] "I am not a slave to a god that doesn't exist."
Hmm, now there is a thought. The current documentation for Microsoft doesn't say anything about such a manifest being required. But it is, after all, pre-release doc, so it's certainly possible that there's an unfortunate assumption being included there. Of course, if that manifest is required, that does beg the quesiton of *exactly* what configuration is supposed to be in it to support this. But I can certainly try experimenting with values that would seem likely. I'm out of the office right now, but when I get back in, I'll go ahead and play with that a little. Thanks for the idea! - Michael