0
If im logged in as an administrator on windows is it possible to run a application with standard privileges? It seems like outlook is run with standard privilege even if started on from an admin account. So i believe that it's possible.
The application is one we have built ourself so we can change the manifest as we like. It's set as HighestAvailible right now. But if we change it to AsInvoker it will run with elevated privileges on a admin account and with standard privileges on a standard account.
So my question; is can i force windows to run the application with standard privileges?
Background info: The reason i want to do this is that we do some outlook integrations. And if our app is run as admin and outlook as standard a COM error occurs. If I force outlook to run as admin and our is run as admin it works just fine. If i run our app from a standard account it also works fine. So the only time it fails is when our app is run as admin and outlook is run as standard. And this seems to be the default way in windows 8.1. Outlook is started with standard privileges even on a admin account.
By default unless you esclate the permissions of a process launched by an Administrator the process will have non-esclated user permissions. So what exactly is your question? The solution to this problem is have your program launch/exit outlook itself. One way to acomplish this is a "launcher" program. This means have a small program that launches both applications using the permission they require. You can also use a manifest file. – Ramhound – 2014-08-19T12:40:27.587
The problem is that our program is run on both admin accounts and on standard accounts. I don't think we have permission to mess with outlook in our customers environment so we have to change our program. I want to force windows to run our program with standard privileges even if it's run on a admin account. If that is possible. – merger – 2014-08-26T18:39:52.300
Most of the time if a program requires Administrator priviliages its likely doing something it shouldn't or it should be doing that in a such a way that does not require administrator priviliages. – Ramhound – 2014-08-26T20:23:43.483
Our program can update itself with new dll files. Standard privileges does not like that very much. This is a business application and not a program for the masses. We can run as standard but not everything works. Most of our customers run it on a admin account to eliminate UAC problems. – merger – 2014-08-27T05:33:04.300
The solution seems simple. Your program should launch a separate program with a manifest file which updates the dlls – Ramhound – 2014-08-27T10:24:00.017