Windows Vista and later have a security feature called User Account Control (UAC). With UAC, most processes (running programs) have limited privileges, even on administrator accounts. This creates problems for many programs. This topic describes the problems QM may have because of UAC and gives workarounds for most of them. You may also want to read about running QM-created programs.
If UAC is on, there are several predefined privilege sets, known as integrity levels (IL). An IL is assigned to a process (running program) before starting it, and cannot be changed while it is running. The table gives some information about different integrity levels.
IL | Comments |
---|---|
High | The process runs as administrator. When a process that needs administrator privileges is started, a dialog named "User Account Control" (the consent dialog) is usually shown. The process is then called elevated. This happens when the program is marked as requiring such privileges, when you run it as administrator from the right-click menu, when you set it to run as administrator in the file properties dialog, or when Windows decides that it is a setup program. A process launched by a process that has administrator privileges also has administrator privileges, but does not require consent. By default, QM runs with High IL (as administrator), although you can change this in Options. For a better user experience, the consent dialog is not shown when QM starts; otherwise QM would be blocked at Windows startup. Also, processes launched by QM have Medium IL by default. |
Medium | The process runs as standard user, as on a non-administrator account. It has limited privileges. For example, it cannot write to the Windows and Program Files folders, cannot write to most registry keys, cannot manipulate services, and much more. Also, it cannot interact (use keyboard, mouse and menu commands, send messages, use hooks, etc.) with higher IL processes. Most processes have Medium IL, including Windows Explorer. QM runs with Medium IL if UAC: run as User is selected in Options, which is not recommended. |
uiAccess | The process has Medium IL, but is allowed to interact (use keyboard, mouse and menu commands, send messages, use hooks, etc.) with High IL and uiAccess processes. Only a few programs have uiAccess privileges. QM runs with uiAccess privileges if UAC: run as uiAccess is selected in Options, which is recommended if you don't want QM running as administrator. On non-administrator accounts, QM runs as uiAccess by default. |
Low | The process has minimal privileges. It can write only to several predefined folders and registry keys. Normally, only Internet Explorer runs with Low IL, when protected mode is on. QM does not have an option to run as Low, but macros that are set to run in a separate process can run as Low. |
System | Highest privileges. Normally only services and some system processes run with System IL. QM does not have an option to run as System. |
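
As an added example (not part of QM or the original page), this PowerShell function reads the integrity level of the current process from `whoami /groups` and maps it to the rows of the table above. The sample lines are constructed, and the `AdminDenyOnly` check assumes English-locale `whoami` attribute text.

```powershell
# Added example, not QM code. Maps the integrity-label SID (S-1-16-<RID>)
# from "whoami /groups" to the level names used in the table above.
function Get-IntegrityLevelFromGroups {
    param([string[]]$CsvLines)   # output of: whoami /groups /fo csv /nh

    $rows  = $CsvLines | ConvertFrom-Csv -Header 'Name', 'Type', 'SID', 'Attributes'
    $label = $rows | Where-Object { $_.SID -match '^S-1-16-\d+$' } | Select-Object -First 1
    if (-not $label) { return $null }          # no integrity label in the input

    # The last sub-authority (RID) of the label SID encodes the level.
    $rid = [int]($label.SID -replace '^S-1-16-', '')
    if     ($rid -ge 0x4000) { $level = 'System' }
    elseif ($rid -ge 0x3000) { $level = 'High' }
    elseif ($rid -ge 0x2000) { $level = 'Medium' }
    elseif ($rid -ge 0x1000) { $level = 'Low' }
    else                     { $level = 'Untrusted' }

    # With UAC on, an administrator's non-elevated token keeps the
    # Administrators group (S-1-5-32-544) only as a deny-only entry.
    # Assumption: English attribute text as printed by whoami.
    $admin = $rows | Where-Object { $_.SID -eq 'S-1-5-32-544' } | Select-Object -First 1

    [pscustomobject]@{
        Level         = $level
        Rid           = $rid
        AdminDenyOnly = [bool]($admin -and $admin.Attributes -match 'deny only')
    }
    # uiAccess is a separate token flag, not a label, so it is not reported here.
}

# Constructed sample: an administrator account running a non-elevated process.
$sample = @(
    '"Everyone","Well-known group","S-1-1-0","Mandatory group, Enabled by default, Enabled group"',
    '"BUILTIN\Administrators","Alias","S-1-5-32-544","Group used for deny only"',
    '"Mandatory Label\Medium Mandatory Level","Label","S-1-16-8192",""'
)
Get-IntegrityLevelFromGroups $sample

# Live check of the current process.
Get-IntegrityLevelFromGroups (whoami /groups /fo csv /nh)
```

Run it once from a normal console and once from a console started with "Run as administrator" to compare the Medium and High rows.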
Q. What IL does QM use? Can it be changed?
A. By default QM runs as administrator. It can be changed in Options.
Q. Should QM run as administrator, uiAccess, or standard user? When does it have fewer problems with UAC?
A. QM has fewer problems when it runs as administrator.
Q. Is it safe if QM runs as administrator?
A. It is quite safe. Programs started by QM (run) have medium IL. If you think it is not safe, you can set it to run as uiAccess. The User mode (Medium IL) is not recommended.
Q. Can some macros run with different IL than QM?
A. Yes, if they run in separate process. You can set it in Properties.
Q. Is it possible to turn off UAC?
A. Yes, you can completely turn off UAC in Control Panel -> User Accounts. Some options can be changed in local security policy (run "secpol.msc"). For example, you can set it to elevate without consent, or to show the consent dialog on the default desktop.
Q. Is it possible to run a program as administrator without a consent dialog?
A. Use flag 0x10000 or 0x20000 with run. Or use function StartProcess. Or, in macro properties, check "Run in separate process" and select "Administrator" or "Highest available". This is possible only from QM (except portable). Without QM, it is possible, for example, using Windows Task Scheduler.
Q. Is it possible to automatically close the consent dialog for some programs?
A. There is no such option in Windows. QM also cannot automate it, because the dialog is created on a secure desktop. If the dialog is not on a secure desktop (you can set this in local security policy), then you can create a function that closes it.
You can find more information about UAC on the Internet. If you need QM-specific information, you can ask about it in the QM forum.
See also: GetProcessUacInfo, IsUserAdmin
These problems are common to all integrity levels.
To solve most other UAC-related problems, you can set QM or separate macros to run with appropriate IL. The information below should help you decide what IL you should use.
Some operations are not allowed between processes with different IL. Most of them are blocked only when initiated by the lower IL process, but some are also blocked when initiated by the higher IL process.
Some functions and other QM features require administrator privileges. If QM (or exe) is not running as administrator, these features don't work.
Everything above also does not work on non-administrator user accounts, on any OS.
Possible workarounds: 1. In Properties, check "Run in separate process" and select Administrator. 2. Run QM as administrator. 3. Turn off UAC.
The following functions don't work with higher IL windows unless QM (or exe) is running as administrator or uiAccess. This is more relevant for exe, because QM can run as administrator or uiAccess.
This should not be a big problem, because normally most programs don't run as administrator. Administrative programs usually are used briefly and don't need to be automated.
Possible workarounds (QM): 1. In Properties, check "Run in separate process" and select Administrator. 2. Run QM as administrator or uiAccess. 3. Turn off UAC.
Possible workarounds (exe): 1. Run exe from QM: in Properties check "Run in separate process" and select As QM (if QM runs as administrator or uiAccess) or Administrator. If you need to launch it from e.g. the desktop, create a shortcut to run the macro (in Properties). Of course, QM must be installed. 2. Set uiAccess="true" in the manifest, sign the exe file, and put it in the Program Files folder. It works well on any computer (QM is not needed). Read more about signing in the make exe topic. 3. Run exe as administrator. It requires consent, unless exe is started from another program that is running as administrator. 4. If possible, don't run target programs as administrator. 5. Turn off UAC.
QM is a 32-bit program, but it runs well on 64-bit Windows.
If QM is running on 64-bit Windows, special variable _win64 is 1, else 0.
On 64-bit Windows, there are separate System and Program Files folders for 64-bit and 32-bit programs.
Special folder "$program files$" expands to the 32-bit folder ("Program Files (x86)"). QM is installed there. Environment variable "%ProgramW6432%" expands to the 64-bit folder ("Program Files").
Special folder "$system$" expands to the 64-bit folder path ("C:\Windows\System32"), but the 32-bit folder ("C:\Windows\SysWOW64") is actually used. That is, run launches 32-bit versions of programs unless flag 0x4000 is used. See also this forum post.
Also, there are some separate registry locations for 32-bit programs.
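
The folder and registry redirection described above can be observed from PowerShell. This is an added example, not QM code; the function names are hypothetical, and `Sysnative` is the Windows alias that lets a 32-bit process reach the 64-bit system folder.

```powershell
# Added example, not QM code. Shows which folders and registry view a process
# really gets on 64-bit Windows. Run it in both 32-bit and 64-bit PowerShell.
function Get-Wow64View {
    $os64  = [Environment]::Is64BitOperatingSystem
    $wow64 = $os64 -and -not [Environment]::Is64BitProcess   # 32-bit process, 64-bit OS
    $sys32 = Join-Path $env:windir 'System32'

    [pscustomobject]@{
        IsWow64Process     = $wow64
        # What a path under C:\Windows\System32 really opens for this process.
        System32ResolvesTo = if ($wow64) { Join-Path $env:windir 'SysWOW64' } else { $sys32 }
        # Path that reaches the 64-bit system folder from this process.
        NativeSystemFolder = if ($wow64) { Join-Path $env:windir 'Sysnative' } else { $sys32 }
        ProgramFiles32     = if ($os64) { ${env:ProgramFiles(x86)} } else { $env:ProgramFiles }
        ProgramFiles64     = if ($os64) { $env:ProgramW6432 } else { $null }
    }
}

# Reads one HKLM value through an explicit registry view (Registry32 or Registry64).
function Get-HklmValueInView {
    param([string]$SubKey, [string]$Name, [Microsoft.Win32.RegistryView]$View)

    $hive = [Microsoft.Win32.RegistryHive]::LocalMachine
    $base = [Microsoft.Win32.RegistryKey]::OpenBaseKey($hive, $View)
    try {
        $key = $base.OpenSubKey($SubKey)          # read-only
        if ($key) {
            try { $key.GetValue($Name) } finally { $key.Close() }
        }
    } finally {
        $base.Close()
    }
}

Get-Wow64View | Format-List

# The same value name holds a different folder in each view on 64-bit Windows.
$sub = 'SOFTWARE\Microsoft\Windows\CurrentVersion'
foreach ($view in 'Registry64', 'Registry32') {
    '{0}: ProgramFilesDir = {1}' -f $view, (Get-HklmValueInView $sub 'ProgramFilesDir' $view)
}
```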