0

I'm running into the problem outlined in this question: How to prevent uninstaller elevating for Standard Windows 10 user? where unstallation of an app installed under the user's AppData folder works correctly from the classic control panel "Programs and Features" page, but fails from the Settings "Apps and Features" page, due to the unilateral attempt by Windows to elevate the uninstall process.

I should be able to fix the issue if I can determine the identity of the user that originally started the uninstallation, but as far as I can tell the token holding their identity is lost when the elevation happens.

Trying to make a comparison with Unix, but my understanding there is that more often the effective UID is changed to gain permissions, in that scenario I'm trying to recover the real UID.

Is this possible via the Win32 API, and if so how? I've googled long and hard, and all I keep turning up are pages telling me how to recover lost accounts or passwords.

dgnuff
  • 3,195
  • 2
  • 18
  • 32
  • Have a look at [`WTSQuerySessionInformation(WTSUserName)`](https://learn.microsoft.com/en-us/windows/win32/api/wtsapi32/nf-wtsapi32-wtsquerysessioninformationw) to get the username of the user that is logged in to the current Windows session. – Remy Lebeau May 05 '20 at 23:11
  • @RemyLebeau That looks exactly like what I was after. If you create an answer out of that, I'll accept it. – dgnuff May 05 '20 at 23:30
  • are you need user name or token of session really ? in second case you need `WTSQueryUserToken` call. but before this you need get `SE_TCB_PRIVILEGE` what is possible if you run elevated – RbMm May 06 '20 at 09:03

0 Answers0