Hello,
If your application does not have a digital signature and has uiAccess=true in its manifest, it will fail with "A referral was returned from the server."
(No, notepad does not have a digital signature :)
Applications that request uiAccess=true must have a valid, trusted digital signature to execute.
Also, applications by default must reside in a trusted location on the hard drive (such as windows or program files) to receive the uiAccess privilege. They will still run if they are not in one of these locations, but they will not receive the privilege. You can disable this security feature through the local security policy mmc snap-in.
If you want to create a trusted "test" certificate to sign your application with so that you can use your application on your current machine, here's how:
NOTE: These instructions assume you have visual studio installed and are using a command prompt that has all the environment variables set to find SDK utilities such as makecert and signtool. If not, you will need to find these tools on your hard drive before running them.
***
1) Open an elevated command prompt
- Click start
- Find Cmd Shell or command prompt
- Right-click, click Run As Administrator
2) Create a trusted root certificate
- Browse to the folder that you wish to contain a copy of the certificate
- In the command shell, execute the following commands:
makecert -r -pe -n "CN=Test Certificate - For Internal Use Only" -ss PrivateCertStore testcert.cer
certmgr.exe -add testcert.cer -s -r localMachine root
3) Sign your file
- In the command shell, browse to the location of your exe
- In the command shell, type:
SignTool sign /v /s PrivateCertStore /n "Test Certificate - For Internal Use Only" /t http://timestamp.verisign.com/scripts/timestamp.dll APP.exe
Where APP.exe is your application.
***
- JB
Microsoft MVP - Windows Shell
