I have an old legacy program (EXE1) written in VB6 which should not need administrator privileges to run. So the manifest of this program contains the line
<requestedExecutionLevel level="asInvoker" />
telling the program to run with the rights of the calling user (which usually in no admin).
For one new feature I need to do something that requires admin privileges, but since not all users will use this new feature, the program should only ask for admin credentials (UAC) if this feature is really called.
How do I do that?
I thought, that outsourcing this feature to a second executable (EXE2) with a manifest with
<requestedExecutionLevel level="requireAdministrator" />
and calling this executable from EXE1 will do the trick, but I was wrong.
Running EXE2 standalone results in the usual UAC dialog where you can type in admin credentials, and the program works as expected.
1. Calling EXE2 from within EXE1 with the VB6 Shell command
If EXE1 doesn't have admin rights calling EXE2 doesn't pop up the UAC dialog, instead it results in a runtime error 5 (invalid procedure call or argument).
If EXE1 has admin rights, EXE2 works.
2. Calling EXE2 from within EXE1 with the WinApi command ShellExecuteA (with the lpOperation parameter set to runas)
If EXE1 doesn't have admin rights running EXE2 doesn't pop up the UAC dialog, instead it seems to work and give back the exit code for ERROR.
If EXE1 has admin rights, EXE2 works.
So, how can I pop up the UAC dialog on running EXE2, if EXE1 doesn't have admin rights?
If there's a way without outsourching the feature to a standalone executable (EXE2) I'd be glad to hear about that as well.
Thank you.
