Launch a No Elevated Process from an Elevated Process in an easy way (Win32 API)



  • @dinkumoil
    Indeed.

    @Meta-Chuh said:

    possible solution:
    execute runas /trustlevel:0x20000 “C:\Program Files (x86)\Notepad++\notepad++.exe”

    Just tried this method and seems Admin mode is OFF.
    However, drag & drop a file into edit zone (which is the original motivation to run Notepad++ under user level) is forbidden just like Admin mode is ON.

    I will continue to search the alternative way.



  • @dinkumoil said:

    Oh, and I forgot to mention, there is the old Plugin Manager, the devs of it had to solve the same problem. Maybe have a look at their code.

    gpup.exe is launched without elevation, then it spawns itself (another instance) with the privileges rights to download & unzip and quit. The instance without elevation then relaunches Notepad++ without elevation.

    It’s full of hack, but I guess I have no choice :(



  • @donho said:

    It’s full of hack, but I guess I have no choice :(

    Well, I would call it “skillful use of officially documented features”. In contrast, the methods suggested in the MSDN blog entries I’ve posted a link to would have been real dirty hacks.



  • @donho

    please try this from an elevated cmd or gup exec line:

    schtasks /create /tn "Notepad++ Update Reload" /tr "C:\Program Files\Notepad++\notepad++.exe" /sc once /st 23:59 /f && schtasks /run /tn "Notepad++ Update Reload" && schtasks /delete /TN "Notepad++ Update Reload" /f

    i remembered i had the same problem ages ago and solved it using the scheduled tasks
    this will create run once and delete one that uses the current user regardless of the elevation level of the parent task

    i’ve just tried it and drag and drop works, also @dinkumoil the uac in the task manager should be correct



  • @Meta-Chuh

    Yes, I remember. That was the way I suppressed UAC dialogs e.g. when starting elevated console windows around 10 years ago when I switched to Windows 7. It was the “I’m the admin, why should I been asked for approving admin tasks?”-attitude.

    But to use that from within an EXE - hmm, seems crude to me…



  • @dinkumoil

    this is just to get things going right now.
    it’s to quickly test if using the task scheduler works 100% for all cases.

    if it does, we can create an ITaskService object unsing eg taskschd.h instead of a command line.

    if you have another working solution that is testable right now, don’t complain, try it, share it



  • @donho
    Have looks at article by Raymond Chen.

    We already have a solution in place, but unfortunately that solution is in nsis. Look here. The idea is: Run a exe in explorer context.

    MS link: https://msdn.microsoft.com/library/dd940355
    MS sample: https://github.com/pauldotknopf/WindowsSDK7-Samples/tree/master/winui/shell/appplatform/ExecInExplorer

    Hope this will help you.



  • Also below can be used as simplest solution -

    ShellExecute(nullptr, L"open", L"explorer.exe", L"C:\\Program Files\\Notepad++\\Notepad++.exe", nullptr, NULL);



  • @donho

    @donho said:

    @dinkumoil
    Indeed.

    @Meta-Chuh said:

    possible solution:
    execute runas /trustlevel:0x20000 “C:\Program Files (x86)\Notepad++\notepad++.exe”

    Just tried this method and seems Admin mode is OFF.
    However, drag & drop a file into edit zone (which is the original motivation to run Notepad++ under user level) is forbidden just like Admin mode is ON.

    I will continue to search the alternative way.

    Considering this scenario in mind, npp installer launches npp instance with same integrity level as explorer. Same is applicable here and drag n drop works fine using below method. So I feel, this should suit your requirement.

    ShellExecute(nullptr, L"open", L"explorer.exe", L"C:\\Program Files\\Notepad++\\Notepad++.exe", nullptr, NULL);



  • @SinghRajenM said:

    Also below can be used as simplest solution -

    ShellExecute(nullptr, L"open", L"explorer.exe", L"C:\\Program Files\\Notepad++\\Notepad++.exe", nullptr, NULL);

    Thank you for the info.
    I do remember the solution you provide in NSIS and did try the line above - only explorer launched.



  • @donho

    The last parameter has to be 1 = SW_SHOWNORMAL



  • @donho said:

    @SinghRajenM said:

    Also below can be used as simplest solution -

    ShellExecute(nullptr, L"open", L"explorer.exe", L"C:\\Program Files\\Notepad++\\Notepad++.exe", nullptr, NULL);

    Thank you for the info.
    I do remember the solution you provide in NSIS and did try the line above - only explorer launched.

    Interesting. It is working fine to me.

    [Edit]:
    @dinkumoil, nice catch. I’m using SW_SHOW



  • @SinghRajenM

    thx, very cool and easy just to execute via explorer.exe, iv’e just tried it.

    i didn’t know that explorer.exe does not pass the elevation level to a spawn.

    so simple and perfect 👍



  • @Meta-Chuh Again it depends upon how explorer.exe is executed. In most of the cases explorer is not elevated unless user explicitly do so.

    So if explorer is also elevated, then new exe also will be elevated yet. But it is expected in this case, because both will be at same integrity level which allows drag n drop.

    https://paste.pics/e25eda50315a622bfda372343fd9b722



  • @SinghRajenM
    It seems your method doesn’t work only for me.
    I test it in notepad++ with NO elevation, the following code launch calc well:

    		case IDM_FILE_NEW:
    		{
    			//fileNew();
    			ShellExecute(nullptr, L"open", L"calc.exe", nullptr, nullptr, SW_SHOW);
    	
    		}
    		break;
    

    However, the following code launch only explorer:

    		case IDM_FILE_NEW:
    		{
    			//fileNew();
    			ShellExecute(nullptr, L"open", L"explorer.exe", L"calc.exe", nullptr, SW_SHOW);
    	
    		}
    		break;
    

    What am I missing?



  • but i don’t know that code
    dism++ heve a method
    toolkit > god mode
    run program without right checking



  • @donho

    You have to provide the fully qualified path to Calc.exe/Notepad++.exe.



  • @dinkumoil said:

    You have to provide the fully qualified path to Calc.exe/Notepad++.exe.

    Yes I did. The following code doesn’t work neither:

    case IDM_FILE_NEW:
    {
    	//fileNew();
    	::ShellExecuteA(NULL, "open", "explorer.exe", "C:\\sources\\notepad-plus-plus\\PowerEditor\\bin\\notepad++.exe -multiInst", "C:\\sources\\notepad-plus-plus\\PowerEditor\\bin\\", SW_SHOW);
    }
    break;
    


  • Hmm…
    The following code works :
    ShellExecute(nullptr, L"open", L"explorer.exe", L"c:\\windows\\system32\\calc.exe", nullptr, SW_SHOW);



  • @donho

    @donho said:

    @dinkumoil said:

    You have to provide the fully qualified path to Calc.exe/Notepad++.exe.

    Yes I did. The following code doesn’t work neither:

    case IDM_FILE_NEW:
    {
    	//fileNew();
    	::ShellExecuteA(NULL, "open", "explorer.exe", "C:\\sources\\notepad-plus-plus\\PowerEditor\\bin\\notepad++.exe -multiInst", "C:\\sources\\notepad-plus-plus\\PowerEditor\\bin\\", SW_SHOW);
    }
    break;
    

    As you know ShellExecute parameters,
    Command/operation => “open”
    Command Location/File => “explorer.exe”
    Command Parameters => “C:\sources\notepad-plus-plus\PowerEditor\bin\notepad++.exe -multiInst”

    So here problem is command parameter which includes another command parameter. Try without “-multiInst”. It should work.


Log in to reply