Mustafa E. Korkmaz

I found a not bad solution. If the exe does not have admin permissions, CreateProcessAsUser does not work at all. If CreateProcessWithLogonW is used directly, the exe does not need to have admin privileges. When using CreateProcessWithLogonW, the exe to be run must be in a common directory. Otherwise, it gives an access denied error. In other words, it must be in a directory that both the unauthorized user and the admin user can access. It can be the C:\Users\Public\ directory. When the button is pressed while the Delphi application is on the desktop of the unauthorized user, it can copy the exe file to the C:\Users\Public\ directory and run it directly as admin with CreateProcessWithLogonW. function RunAsAdminWithPassword( UserName, Password, Domain, AppPath: WideString) :integer; var SI: TStartupInfoW; PI: TProcessInformation; begin result := 0; ZeroMemory(@SI, SizeOf(SI)); SI.cb := SizeOf(SI); if CreateProcessWithLogon( PWideChar(UserName), PWideChar(Domain), PWideChar(Password), LOGON_WITH_PROFILE, nil, PWideChar(AppPath), CREATE_NEW_CONSOLE, nil, nil, SI, PI) then begin CloseHandle(PI.hProcess); CloseHandle(PI.hThread); end else result := GetLastError; end; procedure TForm1.Button1Click(Sender: TObject); begin copyExetoPublic(); RunAsAdminWithPassword( 'User', 'test123', '.', 'C:\Users\Public\' + ExtractFileName( application.ExeName ) ); end;

The Elevate package is mentioned in the link Remy sent. The program is run normally under a non-admin user name. As far as I know If the program is not run with admin rights, we cannot use the AdjustTokenPrivileges function for SE_ASSIGN_PRIMARY_TOKEN_NAME.

Thanks for all the advice. I couldn't find anything about The Elevate package (Elevate_BinariesAndDocs.zip) I couldn't find it but even if I found these, users do not want Elevate.dll and Elevate.exe to run separately outside the normal application. The interesting thing is that the Anydesk application can do this with a single exe, without requiring installation or making any settings on the computer. At first glance it doesn't seem like a difficult subject.

CreateProcessAsUser gives this error: 1314 "A required privilige is not held by the client" function RunAsXX(commandline: String; hToken:THandle): Integer; var dwSize: DWORD; lpvEnv: Pointer; pi: TProcessInformation; si: TStartupInfo; szPath: Array [0..MAX_PATH] of WideChar; begin try ZeroMemory(@szPath, SizeOf(szPath)); ZeroMemory(@pi, SizeOf(pi)); ZeroMemory(@si, SizeOf(si)); si.cb:=SizeOf(TStartupInfo); try if CreateEnvironmentBlock(lpvEnv, hToken, True) then begin try dwSize:=SizeOf(szPath) div SizeOf(WCHAR); if (GetCurrentDirectoryW(dwSize, @szPath) > 0) then begin if CreateProcessAsUser(hToken, nil, PWideChar(WideString(commandline)), nil, nil, FALSE, CREATE_UNICODE_ENVIRONMENT, lpvEnv, nil, si, pi) then begin result:=ERROR_SUCCESS; CloseHandle(pi.hProcess); CloseHandle(pi.hThread); end else result:=GetLastError; end else result:=GetLastError; finally DestroyEnvironmentBlock(lpvEnv); end; end else result:=GetLastError; finally CloseHandle(hToken); end; except result := 1; end; end; procedure TForm1.Button1Click(Sender: TObject); begin if ImpersonateUser.Logon( 'User', '', 'test123' ) then begin Showmessage( inttostr( RunAsXX( application.ExeName, ImpersonateUser.FUserToken ) ) ); end; end;

I tested the component you sent as follows. It still gave error number 5. The logon function is successful but I get an error in the next step. function RunAs(User, Password, commandline: String; hToken:THandle): Integer; var dwSize: DWORD; lpvEnv: Pointer; pi: TProcessInformation; si: TStartupInfo; szPath: Array [0..MAX_PATH] of WideChar; begin try ZeroMemory(@szPath, SizeOf(szPath)); ZeroMemory(@pi, SizeOf(pi)); ZeroMemory(@si, SizeOf(si)); si.cb:=SizeOf(TStartupInfo); try if CreateEnvironmentBlock(lpvEnv, hToken, True) then begin try dwSize:=SizeOf(szPath) div SizeOf(WCHAR); if (GetCurrentDirectoryW(dwSize, @szPath) > 0) then begin if (CreateProcessWithLogon(PWideChar(WideString(User)), nil, PWideChar(WideString(Password)), LOGON_WITH_PROFILE, nil, PWideChar(WideString(commandline)), CREATE_UNICODE_ENVIRONMENT, lpvEnv, szPath, si, pi)) then begin result:=ERROR_SUCCESS; CloseHandle(pi.hProcess); CloseHandle(pi.hThread); end else result:=GetLastError; end else result:=GetLastError; finally DestroyEnvironmentBlock(lpvEnv); end; end else result:=GetLastError; finally CloseHandle(hToken); end; except result := 1; end; end; procedure TForm1.FormCreate(Sender: TObject); begin ImpersonateUser := TImpersonateUser.Create( self ); end; procedure TForm1.Button1Click(Sender: TObject); begin if ImpersonateUser.Logon( 'User', '.', 'test123' ) then begin Showmessage( inttostr( RunAs( 'User', 'test123', application.ExeName, ImpersonateUser.FUserToken ) ) ); //------> 5 end; end;

I log in to Windows 11 with a username that does not have admin privileges. My program knows the admin username and password. When a button is pressed in the program, I want it to work again with admin authority. The person using the program should not be asked for the admin username and password. How can I do it? function RunAsAdmin(const Path, Params: string): Boolean; var sei: TShellExecuteInfo; begin try FillChar(sei, SizeOf(sei), 0); sei.cbSize := SizeOf(sei); sei.fMask := SEE_MASK_FLAG_DDEWAIT or SEE_MASK_FLAG_NO_UI; sei.lpVerb := PChar('runas'); sei.lpFile := PChar(ExtractFileName(Path)); sei.lpDirectory := PChar(ExtractFilePath(Path)); sei.lpParameters := PChar(Params); sei.nShow := SW_SHOWNORMAL; Result := ShellExecuteEx(@sei); except result := false; end; end; procedure TForm1.Button1Click(Sender: TObject); begin RunAsAdmin( application.ExeName, '' ); end; When I use the ShellExecuteEx function Windows asks for the admin username and password. When these are entered, the program runs with admin authority. But the program already knows the admin username and password. I want it to run with admin permission without having to enter it again. function RunAs2( User, Password, commandline: String ) : integer; var StrInf : TStartupInfo; PrcInf : TProcessInformation; begin result := 1; try FillChar(StrInf,SizeOf(TStartupInfo),0); FillChar(PrcInf,SizeOf(TProcessInformation),0); StrInf.cb := SizeOf(TStartupInfo); StrInf.wShowWindow := SW_SHOWNORMAL; if CreateProcessWithLogon( PWideChar( WideString( User ) ), nil, PWideChar( WideString( Password ) ), 1, nil, PWideChar( WideString( commandline ) ), CREATE_UNICODE_ENVIRONMENT,//0, nil, nil, StrInf, PrcInf ) then result := 0; if Result = 0 then begin CloseHandle(PrcInf.hProcess); CloseHandle(PrcInf.hThread); end else result := GetLastError; except end; end; procedure TForm1.Button1Click(Sender: TObject); begin Showmessage( inttostr( RunAs2( 'User', 'test123', application.ExeName ) ) ) end; When I use the CreateProcessWithLogon function the following error is received: 5 ---> access denied For example, after connecting to the unauthorized computer remotely in one of the remote desktop applications, you send the remote admin username and password from the actions menu. The UAC dialog appears on the remote computer. If the user selects Yes, the application runs again with admin authority without being asked for the admin username and password.

No. did not change the result >Is there a way to optimize the image palette to match the default 256 color Windows palette? I have no idea yet how to do it.

I use Delphi 11.3 8 bit images are displayed very badly on windows 11 computer. I think the color palette is different. image1 and image2 show same 24 bit bmp on screen. When you click to '8bit' button it changes pixel format of image2. procedure TForm1.b8bitClick(Sender: TObject); begin image2.Picture.Bitmap.PixelFormat := pf8bit; end; I run the same program on windows 10 and windows 11 computers. The image2 in windows 11 looks very bad. The first of the attached pictures is from windows 10, the second is from windows 11 (22H2). When I open the same 24-bit image in the paint brush application in windows 11 and save it as 256 colors, it still looks very bad on the screen. So I guess it's not about delphi directly. But maybe it's possible to restore the old color palette from delphi. The application I developed uses 8bit images heavily. How can I solve this problem?

I wrote android service application in java. I start this service from my delphi application. I use delphi 11. Android device OS version 11. If I set targetsdk to 29 from the manifest file, the project works fine. Cannot start java service from delphi if targetsdk is 30. I couldn't find how there is a change between api 29 and 30 regarding this issue. LIntent := TJIntent.Create; LIntent.setComponent( TJComponentName.JavaClass.init( StringToJString( PackageNameStr ), StringToJString( ServiceNameStr ) ) ); ServiceConnection := TRemoteServiceConnection.Create; ServiceConnection.OnConnected := OnServiceConnected; ServiceConnection.OnHandleMessage := OnMessage; ServiceConnection.BindService( PackageNameStr, ServiceNameStr ); if ( ( TJBuild_VERSION.JavaClass.SDK_INT >= 26 ) ) then startResult := TAndroidHelper.Activity.startForegroundService( LIntent ) else startResult := TAndroidHelper.Activity.startService( LIntent );