Set "Run as Admin" about mslinks HOT 7 CLOSED

On Windows 10, setting a desktop shortcut (for running an exe) to Run As Administrator alters the 22nd byte from 0x40 to 0x60. Not sure if this holds for Windows Vista through Windows 8.1, or whether .lnk files with this byte set to 0x60 would be OK on Windows XP.

There is an API in Windows for setting the flags of a shortcut, including the Run As Administrator value. It is independent of the Registry. Sample C++ code is available at https://social.msdn.microsoft.com/Forums/windowsdesktop/en-US/a55aa70e-ae4d-4bf6-b179-2e3df3668989/api-to-set-quotrun-as-administratorquot-flag-on-a-shortcut-file?forum=windowssecurity

Not sure if there is any practical way to do this from pure Java. Probably have to create a JNI or JNA DLL from C++ native code and call that DLL from Java.

from mslinks.

Well, actually 5th bit in 21st byte is RunAsUser flag in LinkFlags structure. You can easily manipulate it like this: sl.getHeader().getLinkFlags().setRunAsUser(); or sl.getHeader().getLinkFlags().clearRunAsUser();
I've just tested it and it actually does the jod.
Sorry for misunderstanding =\ The API reflects the Microsoft documentation so it carries the same level of confusion

from mslinks.

If not, does your API allow to change the target path?
I've tried ShellLink.setTarget() but check in Windows afterwards, it seems to not have an effect

from mslinks.

Does your API allow to set the Property "Run as Admin" for the shortcut?

No, it doesn't. At least for now. As far as I remember there is no such flag in lnk file structure. Probably they use some trick for that option.

I've tried ShellLink.setTarget() but check in Windows afterwards, it seems to not have an effect

It should work. Did you save the link file afterwards?

from mslinks.

As far as I remember there is no such flag in lnk file structure. Probably they use some trick for that option.

It's a registry entry. It's only related to this project because the Windows Desktop illustrates it on the properties of the launcher. A standard shell reg can add it without this library.

Edit: It appears it can be set in the .lnk, see @Mike4Online's comments below.

from mslinks.

@Mike4Online I have slightly different results. Note, I'm using indices below for clarity.

Using C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk

• On Windows 10, I can confirm that byte[21] changes from 0x03 to 0x23 when the Run As Administrator flag is checked.
• On Windows XP, I can confirm that byte[21] changes from 0x02 to 0x22 when the Run with different credentials flag is checked.

Disclaimer: I'm using XVI32 to examine this with a standard hex editor. If there's a byte offset that I should be using that may explain why our values differ.

Windows XP SP3

Testing the Windows 10 byte changes on Windows XP SP3 show no immediate problems.

• If I force byte[21] to 0x03 value to match Windows 10, the shortcut still works as expected.
• If I force byte[21] to 0x23 value to match Windows 10, the shortcut prompts who to run the shortcut as (not identical in behavior, but expected, since Windows XP didn't have UAC, so this concept hadn't yet been invented.

Windows 7 SP1

Testing the Windows 10 byte changes on Windows 7 show no immediate problems.

• If I force byte[21] to 0x23 value to match Windows 10, the shortcut runs as administrator as expected.
• If I force byte[21] to 0x02 to match Windows XP, no adverse side effects are observed.
• If I force byte[21] to 0x22 to match Windows XP's "Run with different credentials", the shortcut runs as administrator as expected.

There is an API in Windows for setting the flags of a shortcut

Since this API works on a byte-level, that's the best approach. There's ways to invoke the Windows APIs using a project called JNA, but that may be overkill given the simplicity of this using our combined research.

from mslinks.

So @Mike4Online's proposal (or in my case, slightly varied propsoal) is tested and working on Windows XP, 7 and 10. From my findings, I would suggest making the API use bitwise OR value of 0x20on byte[21].

@DmitriiShamrikov what are the next steps for someone such as @Mike4Online or myself to make a PR with this feature? Reading the source, I assume there are some special considerations to be made and that the .lnk files are serialized using some specific guards or assumptions. Can you point us in the right direction?

from mslinks.