Embed Size (px)
Citation preview
Hands-On LabUAC Data Redirection - NativeLab version: 1.0.0
Last updated: 5/5/2023
UAC Data Redirection - Native
CONTENTS
OVERVIEW................................................................................................................................................. 3
EXERCISE 1: EXPLORING USER ACCOUNT CONTROL VIRTUALIZATION.........................................4Task 1 – Run the Application without a Manifest................................................................................4
Task 2 – Find the Problem...................................................................................................................8
Task 3 – Add a UAC Manifest.............................................................................................................11
Task 4 – Correct the Access Denied Error..........................................................................................14
SUMMARY................................................................................................................................................ 16
2
UAC Data Redirection - Native
Overview
Many applications are still designed to write files to the Program Files, Windows® directories, or system root (typically the C drive) folders Some applications are designed to update Microsoft® Windows registry values, specifically values in HKLM/Software. But there is one problem: the files or registry values are not created or updated. In this lab, you will experience first hand the effects of UAC virtualization and will walk through the steps to solve the problem.
Objectives
In this lab, you will learn how to:
Troubleshoot a file redirection issue
Use Process Monitor to find the root cause of the issue
System Requirements
You must have the following items to complete this lab:
Microsoft Visual Studio® 2008
Microsoft Windows 7
Windows 7 SDK
Process Monitor from Microsoft TechNet (http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx)
3
UAC Data Redirection - Native
Exercise 1: Exploring User Account Control Virtualization
In this exercise, you will diagnose a broken native (Win32) C++ applicationthat exhibits file redirection to the VirtualStore folder.
You will then add a UAC manifest section and compile the application , thereby marking it as UAC-aware. You will observe that instead of being redirected, write operations to the Program Files folder will be blocked resulting in an “access denied” error.
Finally, you will fix the application by modifying it to store the file to the Application Data (ProgramData) folder.
Task 1 – Run the Application without a Manifest
In this task, you will run the application without a manifest, which simulates an older application and triggers the UAC virtualization mechanism. New applications created with Visual Studio 2008 automatically embed a manifest containing a UAC section by default.
1. Make sure you are running the lab on a UAC-enabled computer:
a. From the Start menu
i. Open Search
ii. Type UAC
iii. Click “Change User Account Control settings” in the search results list
b. The User Account Control Settings dialog box appears. To ensure UAC is NOT disabled:
i. Set the UAC slider at the default level (as pictured below)
ii. Click OK
4
UAC Data Redirection - Native
2. Navigate to the folder containing the DataRedirection solution.
3. Open the solution in Visual Studio.
a. Make sure you don’t start Visual Studio with administrator privileges
b. If Visual Studio is started with elevated privileges, then “Visual Studio (Administrator)” will display in the title bar
4. Set the BrokenAppNative project as the startup project:
a. Right-click the project in Solution Explorer and select Set as StartUp Project
5. Set the build target to x86 (Debug or Release; Debug recommended):
Help
The reason for this is that for x64 applications, virtualization is turned off regardless of a manifest.
6. Right-click the BrokenAppNative project in Solution Explorer and select Properties:
a. By default, Visual Studio 2008 configures projects to include a UAC section in the manifest; we will turn off this setting to illustrate how a legacy application would behave
7. In Properties:
a. Expand Configuration Properties
b. Expand Linker
5
UAC Data Redirection - Native
c. Select Manifest File
d. Change the Enable User Account Control (UAC selection to No
e. Click OK
8. Navigate to the BrokenAppNative.cpp file and inspect the SaveFile and LoadFile functions
9. Observe how the path is constructed in the MakeDataFilePath function:
a. The data file path saves to a folder under Program Files
b. SHGetKnownFolderPath with the FOLDERID_ProgramFiles parameter retrieves the path of the Program Files folder
c. A subdirectory under Program Files is created first (BrokenApp), if it doesn't exist
d. Then a filename (SomeFile.txt) is created under that subdirectory
10. Build the project and run it. Again, make sure you don’t run it with administrator privileges.
11. Open Task Manager and click the Processes tab.
a. From the View menu, choose Select Columns
6
UAC Data Redirection - Native
b. The Select Process Page Columns dialog box appears
c. Check the User Account Control (UAC) Virtualization check box, shown in the red box in the following image (just make sure you actually check that box!)
d. Click OK
12. Notice that the UAC Virtualization column is enabled for your process:
13. Type some text into the edit box and then click Save. The operation should succeed; that is, you won't receive an error.
7
UAC Data Redirection - Native
14. Try to navigate to the path indicated (for example, C:\Program Files (x86)\BrokenApp on x64 Windows 7 or C:\Program Files\BrokenApp on x86 Windows).
Watch Out
You won't find BrokenApp under Program Files because the write file operation was redirected to the VirtualStore folder
Task 2 – Find the Problem
In this task, you will walk through the different steps to confirm that your application is experiencing UAC virtualization.
1. Download and unzip Process Monitor from Microsoft TechNet (http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx).
2. Launch Process Monitor.
3. Launch the BrokenAppNative application.
8
UAC Data Redirection - Native
4. Make sure Process Monitor is capturing by clicking the third toolbar button. You can also toggle capturing on/off by pressing CTRL-E.
5. In the BrokenAppNative application, enter some text into the textbox.
6. Click Save in the BrokenAppNative application.
7. You can stop capturing in Process Monitor by clicking the third toolbar button again (or by pressing CTRL-E).
8. In Process Monitor, from the Tools menu, click Process Tree. The Process Tree dialog box appears:
9. Look for BrokenAppNative.exe in the tree and double-click it.
9
UAC Data Redirection - Native
10. Click Close to close the Process Tree dialog box.
11. Right-click the process name BrokenAppNative in Process Monitor.
12. Click Include BrokenAppNative. This will filter out all other events:
10
UAC Data Redirection - Native
Help
You can see that BrokenAppNative is trying to create the file C:\ProgramFiles (x86)\BrokenApp\SomeFile.txt. This file is redirected to the VirtualStore folder, where the actual data file ends up.
Notice the Result column. The line where the result is “REPARSE” is the original operation. The next line with the result “SUCCESS” is the redirected operation.
Task 3 – Add a UAC Manifest
In this task, you will add a manifest to the application to mark the application as UAC-aware. By marking your application as UAC-aware, you declare that the application does not require write access to protected locations. UAC virtualization will not apply to your application.
1. Right-click the BrokenAppNative project in Solution Explorer and select Properties.
2. Expand Configuration Properties.
3. Expand Linker.
4. Select Manifest File.
5. Change the Enable User Account Control (UAC)selection to Yes.
6. Click OK.
11
UAC Data Redirection - Native
7. Re-build the application.
8. Run the application.
9. Look at Task Manager again, and you will notice that virtualization is now disabled:
12
UAC Data Redirection - Native
Help
This is because the presence of the UAC section in the manifest marks the application as UAC-aware.
10. Type some text into the edit box and click Save in the BrokenAppNative application. You should receive the following error:
13
UAC Data Redirection - Native
Help:
Because UAC virtualization is turned off, writing to protected locations results in an error.
Task 4 – Correct the Access Denied Error
By embedding the manifest containing a UAC section, you declare to Windows 7 that your application is UAC-aware, and therefore will refrain from writing to any protected storage area. In this task you will change the location to which the text file will be saved and fix the access denied error.
1. Return to Visual Studio.
2. Navigate to the MakeDataFilePath function in BrokenAppNative.cpp.
3. Comment out the line at the top of the function that includes FOLDERID_ProgramFiles.
4. Uncomment the line that includes FOLDERID_ProgramData.
5. Rebuild and run the application.
You now have fixed the redirection issue and saved your data file to the correct location.
14
UAC Data Redirection - Native
Help:
In order for redirection to work in Visual Studio 2008, you must turn off UAC in the manifest generation. To do so:
For C# projects In Visual Studio:
1. Click the Project menu.
2. Click the Properties for that project.
3. On the Application tab, in the Resources area, select the Icon and manifest button.
4. Select Create application without a manifest.
5. Click OK.
For C++ projects In Visual Studio:
1. Click the Project menu.
2. Click the Properties for that project.
3. Expand Configuration Properties.
15
UAC Data Redirection - Native
4. Expand Linker.
5. Select Manifest File.
5. Change the Enable User Account Control (UAC) selection to No.
6. Click OK.
UAC is turned off here only for demonstration purposes. All executables should contain a UAC section in the manifest. If a UAC section is present in the manifest, Windows will not consider the application a legacy application and does not enable redirection. Writing to Program Files would return an access denied error.
Summary
In this lab you have used Process Monitor to diagnose a UAC redirection issue and have solved it by modifying your code to save to the correct location (ProgramData).
For more information, please refer to:
Common file and registry virtualization issues in Windows Vista – http://support.microsoft.com/kb/927387
New UAC Technologies for Windows Vista – http://msdn.microsoft.com/en-us/library/bb756960.aspx
"Inside Windows Vista User Account Control" – http://msdn.microsoft.com/en-us/magazine/2007.06.uac.aspx
16
