Run exe after installing msi, but using current user privileges

Question

Run exe after installing msi, but using current user privileges

I am using Visual Studio 2008 to build the MSI installation package. As part of the installation, I have many custom actions. Inside the OnAfterInstall user action, I try to run exe, which is deployed by the installation. The EXE starts normally, but works in the NT AUTHORITY \ SYSTEM security context (i.e., at elevated privileges granted to the Windows Installer process). I really need exe to run in the security context of the current user who started the installation first. Does anyone know how to run exe so that it works in this "abbreviated" context. I really want to avoid having to ask the user for my credentials, if possible.

+6

installer exe security windows-installer

Deh Oct 9 '09 at 13:29

source share

1 answer

Oleg · Accepted Answer · 2010-09-07T20:25:43+0000

You need to use the Remote Desktop Services API: http://msdn.microsoft.com/en-us/library/aa383464%28v=VS.85%29.aspx . It is available with WinXP.

This API allows you to run your application in the context of any registered user account. You must work as SYSTEM in order to be able to use it. And you. For example, you can enumerate sessions using WTSEnumerateSessions, then take a user token using WTSQueryUserToken and run the application using this token.

Run exe after installing msi, but using current user privileges

More articles: