I wrote a UWP app (let's call it "server") with the UWP service inside it and a C++ desktop app (let's call it "client") that connects to the server's UWP service using the WinRT API. The following code works as expected if the client application is run as a login user:: //Executed inside newly created thread winrt::init_apartment(); connectionStatus = _appServiceConnection->OpenAsync().get(); winrt::uninit_apartment(); But this code doesn't work if I run the "client" application "as an administrator". (connectionStatus == AppServiceConnectionStatus::Unknown and I see "access denied" exception deeply inside windows libraries). I don't need to use the WinRT API with admin rights, but other parts of the "client" app sometimes need to do this. Thus, the user should be able to run the "client" with or without administrator rights. I have a separate thread dedicated to connecting to the UWP service and processing connection. I tried to drop the elevated rights of the thread security token, but was unsuccessful. Steps to reproduce: Clone sample UWP service application ("server"): https://github.com/L-proger/UwpService.git Clone sample service client application ("client"): https://github.com/L-proger/UwpServiceClient.git Build and deploy UwpService application In VisualStudio in project UwpService open "Package.appxmanifest" file in designer. Go to tab "Packaging", copy value of "Package family name" field. Open UwpServiceClient project, open file "UwpServiceClient.cpp", go to line 14, replace PackageFamilyName with your own, copied in step 4 Build and run UwpServiceClient application. Working case: In step 6 you will see "Connect success!" message in console output. Not working case: Run VisualStudio with administrator privileges, repeat step 6, you will see "Connect fail!" message in console output. Or run compiled UwpServiceClient executable from Explorer by right-clicking it and selecting "Run as administrator". Or run powershell terminal as administrator and run UwpServiceClient executable using terminal. Do you have any suggestions?

Calling the AppServiceConnection's openAsync() method fails if the app is started with administrator privileges

L-proger 6

I wrote a UWP app (let's call it "server") with the UWP service inside it and a C++ desktop app (let's call it "client") that connects to the server's UWP service using the WinRT API.

The following code works as expected if the client application is run as a login user::

//Executed inside newly created thread
winrt::init_apartment();
connectionStatus = _appServiceConnection->OpenAsync().get();
winrt::uninit_apartment();

But this code doesn't work if I run the "client" application "as an administrator". (connectionStatus == AppServiceConnectionStatus::Unknown and I see "access denied" exception deeply inside windows libraries).

I don't need to use the WinRT API with admin rights, but other parts of the "client" app sometimes need to do this. Thus, the user should be able to run the "client" with or without administrator rights.

I have a separate thread dedicated to connecting to the UWP service and processing connection. I tried to drop the elevated rights of the thread security token, but was unsuccessful.

Steps to reproduce:

Clone sample UWP service application ("server"): https://github.com/L-proger/UwpService.git
Clone sample service client application ("client"): https://github.com/L-proger/UwpServiceClient.git
Build and deploy UwpService application
In VisualStudio in project UwpService open "Package.appxmanifest" file in designer. Go to tab "Packaging", copy value of "Package family name" field.
Open UwpServiceClient project, open file "UwpServiceClient.cpp", go to line 14, replace PackageFamilyName with your own, copied in step 4
Build and run UwpServiceClient application.

Working case: In step 6 you will see "Connect success!" message in console output.

Not working case: Run VisualStudio with administrator privileges, repeat step 6, you will see "Connect fail!" message in console output. Or run compiled UwpServiceClient executable from Explorer by right-clicking it and selecting "Run as administrator". Or run powershell terminal as administrator and run UwpServiceClient executable using terminal.

Do you have any suggestions?

Fay Wang - MSFT 5,191 Reputation points

2020-04-17T03:17:15.893+00:00

After did some researching on using AppService between win32 app and UWP app. I have some questions about your scenario. First, may I know if your C++ desktop app is a console app or other kind of app like WPF? Second, when using AppService to communicate between win32 app and uwp app, they are packaged in the same desktop bridge app. The win32 app will be launched by the UWP app. Could you please tell me how did you run the win32 app as an administrator?
L-proger 6 Reputation points

2020-04-17T14:07:46.84+00:00

My "client" app is just a regular x64 C++ console application (/SUBSYSTEM:CONSOLE). It is not packaged with the UWP "server" application. To access the UWP service from the desktop world, I link "client" app with "windowsapp.lib" and used WinRT C++ API. Since my "client" console application is not packaged with the UWP server application in any way, there is no problem running it as an "administrator". I tested under VisualStudio running as an administrator. Either right-click the executable file in Explorer and select Run as administrator, or run the executable file in the powershell console with administrator rights.

Without administrator rights, the "client" console application can connect to the UWP service as expected. When running with admin rights, I get " AppServiceConnectionStatus:: Unknown "as a result of "appServiceConnection->OpenAsync().get()" .
L-proger 6 Reputation points

2020-04-17T16:51:39.517+00:00

I updated Issue text with example projects and steps to reproduce.
Fay Wang - MSFT 5,191 Reputation points

2020-04-21T10:06:38.563+00:00

OK, I can reproduce this issue, but I'm not sure why caused this, I will ask the team to confirm it.
Fay Wang - MSFT 5,191 Reputation points

2020-04-22T08:26:35.783+00:00

Hi, according to the reply from team, app service connections are not supported in elevated processes.
L-proger 6 Reputation points

2020-04-22T10:56:58.703+00:00

Hello,
I see it. But what is the reason? Is there a workaround? Maybe I can do something with the service communication thread inside the desktop ("client") application? Is there a way to drop the elevation for single thread?

If I can’t do anything with my situation, then how can I correctly implement the communication between the UWP and Desktop apps on the same computer? Which is the right way? As far as I know, I cannot use sockets for this purpose, because UWP applications cannot see localhost.
Fay Wang - MSFT 5,191 Reputation points

2020-04-23T08:34:42.907+00:00

Currently, you can't run your "client" app as an administrator to connect, this is not supported. So you need to run your client application as a login user, in this case, you can communicate between the UWP and Desktop app by app service.
KRITI JAIN 0 Reputation points

2023-06-29T06:43:22.7466667+00:00

Hi,

We have a very similar scenario. Is there any update on possible approaches to solve this?