OTS COM Elevation. Standard user gets elevation prompt, can create COM object, and call functions, but the functions don't change the registry.

See more:

COM

COM+

administrator

registry

Hi,

I have a COM dll with a class in it.

I have an app with a UAC level of asInvoker. This app creates a COM object as administrator.

Everything works fine running as administrator, and even logged in as standard user, right->click runas administrator.

However, when I log in as standard user and double-click, I see the UAC elevation prompt when my class gets invoked. I enter in the correct password, and the COM object creation passes, but I get an access denied error (0x80070005).

Anybody have any clues? Also, do you know of any great debuggers that I may use to solve this?


More Info:

I am building it in VS 2008, but it is using visual studio version 2.0 with MFC setting to 'using standard windows libraries' and Use of ATL set to 'Dynamic Link to ATL'

In the rgs file for the class whose object I am creating, I add the following:

NoRemove CLSID
{
  ForceRemove {<class-guid>} = s 'CDCRegistryWriter Class'
  {
    ProgID = s <ClassName>.1'
    VersionIndependentProgID = s '<className>'
    ForceRemove 'Programmable'
    InprocServer32 = s '%MODULE%'
    {
      val ThreadingModel = s 'Apartment'
    }
    val AppID = s '%APPID%'
    'TypeLib' = s '<library-guid>'
    Elevation
    {
        val Enabled = d 1
        val IconReference = s 'applicationIcon'
    }
    val LocalizedString = s '@%MODULE%,-100'
  }
}

The above settings, set the following keys:

HKLM\Software\Classes\CLSID\My ClassID (found in ClassName.rgs)\AppID (a string set to My AppGuid)
HKLM\Software\Classes\CLSID\My ClassID\LocalizedString (an expanding string set to @dllPath.dll,-100(where 100 is a string
in the string table)).

HKLM\Software\Classes\CLSID\My ClassID\Elevation\Enabled (a DWORD set to 1)

HKLM\Software\Classes\CLSID\My ClassID\Elevation\IconReference (An expanding string set to 'applicationIcon')

I add the following to the rgs file for the dll

HKCR
{
  NoRemove AppID
  {
    '%APPID%' = s '<AppName>'
    {
      val DllSurrogate = s ''
      val ROTFlags = s '1'
    }
    'CDCElevatedCOM.DLL'
    {
      val AppID = s '%APPID%'
    }
  }
}

The above code adds the following keys to the registry:
HKLM\Software\Clas
ses\AppID\My AppGuid(found in dllMain.h)>\ROTFlags(a string set to "1")
HKLM\Software\Classes\AppID\My AppGuid\DllSurrogate(a string set to empty)

Also, my calling code uses the standard old

HRESULT CallingClass::CoCreateInstanceAsAdmin(HWND hwnd,REFCLSID rClsid, REFIID rIid, void** ppv)
{
  try
  {

    HRESULT     hr;
    BIND_OPTS3	bo;
    WCHAR		wszCLSID[255];
    WCHAR		wszMonikerName[300];

    StringFromGUID2(rClsid,wszCLSID,sizeof(wszCLSID)/sizeof(wszCLSID[0])); 

    hr = StringCchPrintf(
       wszMonikerName,sizeof
       (wszMonikerName)/
       sizeof(wszMonikerName[0]),   
       L"Elevation:Administrator!new:%s", 
       wszCLSID);

    if(FAILED(hr))
    {
      . . .ShowMyDebugMessage		
      return hr;
    }

    memset(&bo, 0, sizeof(bo));
    bo.cbStruct	= sizeof(bo);
    bo.hwnd	= hwnd;
    bo.dwClassContext = CLSCTX_LOCAL_SERVER;
    return CoGetObject(wszMonikerName, 
        &bo, rIid, ppv );
  }
  catch(...)
  {
    . . .Show my debug message
    return E_FAIL;
  }

  return S_OK;

}