When you build a project for a Windows target platform, RAD Studio automatically includes an application manifest file. You can use the default application manifest file as a base for your custom application manifest file:
To do that, All you need is a Resources hacker/inspector program that allows you to change the manifest of an EXE file.
I personnaly use Angus Johnson’s Software for a long time because it’s just simple and cool to use.
The default application manifest declares the required elevation level as
asInvoker. That means that your application will have the same elevation level as its parent process. If you wish to elevate your application to the Windows Administrator privilege level, simply change the value of the level attribute in the
requestedExecutionLevel tag from
You can add that to the
TrustInfo, and the
<security> tag where you will add both the
uiAccess to the Requested Execution Level:
false — The application does not need to drive input to the UI of another window on the desktop. Applications that are not providing accessibility should set this flag to false. Applications that are required to drive input to other windows on the desktop (on-screen keyboard, for example) should set this value to true.
true — The application is allowed to bypass UI protection levels to drive input to higher privilege windows on the desktop. This setting should only be used for UI Accessibility applications.
Level : Here you can find a table explaning the Level declared in application manifest and it’s behavior
Note: The user will still need administrator privileges or credentials in order to run the application with the Administrator privilege level.
You can find more about it on Microsoft’s Docs website : /MANIFESTUAC (Embeds UAC information in manifest)
In order to create a DPI-aware application, you need to declare DPI awareness in the application manifest. For example, to declare that your application is per-monitor DPI-aware, add the following before the closing
The following code snippet can serve as a quick test whether your application requires (and is properly granted) the Administrator level privileges. Declare the required elevation level of your application as
requireAdministrator and execute the following procedure:
The application displays one of the following messages:
Unable to write to registry. Your application does NOT have Administrator level privileges.
Write to registry permitted. Your application has Administrator level privileges.
This test works because you need Administrator level privileges in order to write to the
HKEY_LOCAL_MACHINE\Software part of the registry.
The snippet does not actually write anything to the registry, it just requests the write permission.
Make sure that you build your application and then execute it outside of the IDE, because the IDE will debug the application with Administrator level privileges by default (not respecting your application manifest).
© 2021 - Sofiane Hamlaooui - Making the world a better place 🌎