UAC Assembly Name Display
- Hi MSDN PPL,
I am having an issue with Vista UAC. I am requesting admin rights using a manifest file compiled resource - below. This is a simple C++ (VS 6.0) app, the manifest is compiled as a resource of the exe (type 24, ID 1)
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="DBBoot.exe" type="win32" />
<description>Integra Pro Database Setup Bootstrap Loader</description>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="requireAdministrator" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
This is correctly asking me to confirm admin access but with weird assembly names. The request is being made for a *.tmp file! Not my *.exe. It seems to get the first few letters correct but after that its no go. I thought I had given all the information required in the above manifest (assemblyIdentity) - obviously not.
I have tested with both signed and un-signed executables with no difference. I have posted a screen shot of the weird file name - it should be DBBoot.exe.
Screen Shot
Thanks All,
Matt.
Answers
- Hey Sugar,
Mate, I have found a workaround. I have been working on an App to sign binary files in bulk, I am using CAPICOM to provide signing functionality.
With CAPICOM I use a CAPICOM.SignedCode object to sign the code. I contains a 'Description' property.
This seems to control what the UAC dialog is displaying!!!! I can get what ever I want in there now!
I know it doesn't solve the command line signtool problem but I have found a way to control what UAC says.
If you want I would be happy to email you the code required to get up and running. You can download the CAPICOM redist. here:
http://www.microsoft.com/downloads/details.aspx?FamilyId=860EE43A-A843-462F-ABB5-FF88EA5896F6&displaylang=en
Let me know if you want some code,
Matt.
All Replies
- As you can see from the screen shot I am using a test certificate that I created myself using the set of instructions from this post:
Link to post
I don't believe I have done anything wrong here but I could be wrong!
Does anyone have a complete reference for these manifest files? If I could find a good reference I should be able to sort this out myself - I hope.
Matt. - Maybe it does have something to do with my certificate. If I don't sign the assembly it gets the executable name correct! See the screen shot in the link below:
Screen Shot
Is it possible the signing process is destroying the assembly identity information windows gurus? I am having the same problem. I posted a question in the Microsoft public newsgroups, but they told me to come here. This is hardly a app-killing problem, but it certainly doesn't instill any confidence in users when the UAC prompt pops up with some weird .tmp file.
I'm not sure your conclusion that the <assemblyIdentity> element works on unsigned assemblies is accurate. That's simply how that version of the UAC prompt works. Try changing the name property, and you'll notice that it will still show your DBBoot.exe for the "unrecognized publisher" UAC prompt.
If you view the video here: http://channel9.msdn.com/Showpost.aspx?postid=209647, you will see how to specify the application name. Unfortunately, this doesn't apply to managed (.NET) apps.
- Your probably correct about the <assemblyIdentity>; it was a....guess.
Did you manage to find a solution Sugar? Nope, nothing yet. I kinda gave up on it for now. I looked into seeing if the signtool utility was able to specify the application name, but found nothing useful. I will post something here if I do find a solution. Please do the same.
Edit: As I said, there is information how to set the application/assembly name in the consent prompt in the video here:
http://channel9.msdn.com/showpost.aspx?postid=209647
It's at about 15:50.
- Hey Sugar,
Mate, I have found a workaround. I have been working on an App to sign binary files in bulk, I am using CAPICOM to provide signing functionality.
With CAPICOM I use a CAPICOM.SignedCode object to sign the code. I contains a 'Description' property.
This seems to control what the UAC dialog is displaying!!!! I can get what ever I want in there now!
I know it doesn't solve the command line signtool problem but I have found a way to control what UAC says.
If you want I would be happy to email you the code required to get up and running. You can download the CAPICOM redist. here:
http://www.microsoft.com/downloads/details.aspx?FamilyId=860EE43A-A843-462F-ABB5-FF88EA5896F6&displaylang=en
Let me know if you want some code,
Matt. - I should have looked at this earlier...
There is a "/d" switch for signtool which allows you to provide a description. I haven't checked but I bet that would do the same trick.
I should have found this earlier - I feel like a kook!
Live and learn.... Sorry, I would have replied earlier, but I was having some problems getting the reply to work. (Had to delete cookies).
So, that is fantastic. That totally works. I feel kinda stupid too. I was even looking at the signtool documentation. I guess I just missed the /d option.
