Not as stupid as it sounds ;)
I have a third party app that I have no source for. Official support is for XP and higher - but higher only with UAC off. Which I do not want.
Now, I know the programmers and they are willing to make a change if it is not too much work and I can tell them WHAT Needs to be done.
I know that the app, which starts multiple executables, does not get network connection when I start it without elevated priviledges - but it seems no port that is open is in the loer range (as per netstat -b
Is there any guideline on trying to find out WHY an app needs elevated priviledges? THe applicaiton is business critical - and this currently subverts secutiry as users must be local admins. If anyone has an idea - once I find the reason I am sure I can get the vendor implement a change.
As per one of the comments, your best bet is likely to be using Sysinternals' Process Monitor to see what is being tried and failing due UAC.
Download Process Monitor from http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx
Run process monitor, run your borked, obsolete, badly coded app, go to process monitor > filter >
if Process Name is <borkedapp> then Includeandif Result is Success then Excludewhich should give you a mere few thousand entries to scan for the bit that is failing.Alternatively there is a tool linked below (I have not tried it) that will help you compare process monitor traces so you can take a trace running as standard user and another running elevated and compare them.
http://forum.sysinternals.com/tool-for-comparing-procmon-traces_topic28870.html
https://github.com/patraulea/LogDiff
tIn addition to Blue's answer, there are tools for migrating applications to Windows 7. Even though your app says it's Windows 7 compatible, running it through this ringer would tell you what is needed for your app to correctly function with UAC on. You may even be able to create a 'shim' which modifies certain settings when your app runs. I believe the tool is called the Standard User Analyzer http://technet.microsoft.com/en-us/library/cc766021(v=ws.10).aspx.
I'll also add that a lot of the times the elevated privileges can be avoided by granting the appropriate permissions, i.e., giving the user modify rights to the C:\Program Files\ folder and subfolders.