I need a standard or limited Windows 7 user to be able to run an application (Fallout Mod Manager) which requires UAC elevation. I've tried the Application Compatibilty Toolkit, but that did not work as intended. Any Suggestions? I am running Windows 7 Ultimate local, so policies can be applied.
I basically want something like unix' setuid flag.
Best Answer
It's doable, but not easy to explain.
There are only three reasons why an application would request for elevation on startup:
requireAdministrator
Assuming you've already checked the compatibility tab, and the application is not set to require administrator:
The next step is to check for an embedded resource manifest. i won't go into how you can find that out. But skip to create a manifest for yourself.
Create a file in the same directory as Fallout Mod Manager (i don't know what the
exe
is called, but i'll call itFalloutModManager.exe
:FalloutModManager.exe FalloutModManager.exe.manifest
This new
manifest
file you create is a simple text file, containing xml, with a manifest entry that says that we want to launch asInvoker, rather than requireAdministrator:FalloutModManager.exe.manifest
Having this file next to your executable is called an "external manifest". It is also possible the executable has an embedded resource, which you would need a tool like Resource Hacker to see, or modify.