How to set 'Run as administrator' on a file using Inno Setup

You can add a Registry entry in [Registry] Section that will set run as Administrator as a default action for running this app.

Example:

Root: "HKLM"; Subkey: "SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers"; \
    ValueType: String; ValueName: "{app}\tomcat7w.exe"; ValueData: "RUNASADMIN"; \
    Flags: uninsdeletekeyifempty uninsdeletevalue; MinVersion: 0,6.1

Add the runascurrentuser flag attribute to the [Run] section

Filename: "{app}\{#MyAppExeName}"; Description: "{cm:LaunchProgram,{#StringChange(MyAppName, '&', '&&')}}"; Flags: runascurrentuser nowait postinstall skipifsilent; 

If you really want to set the "Run as administrator" flag of the shortcut (as opposite to forcing the target application run with administrator privileges), you can use this code:

[Icons]
Name: "{userdesktop}\My Program"; Filename: "{app}\MyProg.exe"; \
  AfterInstall: SetElevationBit('{userdesktop}\My Program.lnk')

[Code]

procedure SetElevationBit(Filename: string);
var
  Buffer: string;
  Stream: TStream;
begin
  Filename := ExpandConstant(Filename);
  Log('Setting elevation bit for ' + Filename);

  Stream := TFileStream.Create(FileName, fmOpenReadWrite);
  try
    Stream.Seek(21, soFromBeginning);
    SetLength(Buffer, 1);
    Stream.ReadBuffer(Buffer, 1);
    Buffer[1] := Chr(Ord(Buffer[1]) or $20);
    Stream.Seek(-1, soFromCurrent);
    Stream.WriteBuffer(Buffer, 1);
  finally
    Stream.Free;
  end;
end;

---

This is based on:

• LinkFlags in [MS-SHLLINK]: Shell Link (.LNK) Binary File Format;
• How to create a Run As Administrator shortcut using Powershell;
• How can I use JScript to create a shortcut that uses "Run as Administrator"

---

Tested on Unicode version of Inno Setup. But it should, even more naturally, work on Ansi version too, though you should use Unicode version anyway.

---

If you want to allow user to execute the program at the end of the installation using a postinstall entry in [Run] section, you will of course need to explicitly request the elevation.

If the installer runs with Administrator privileges, you can simply add runascurrentuser flag:

[Run]
Filename: "{app}\MyProg.exe"; Description: "Launch application"; \
    Flags: postinstall nowait skipifsilent runascurrentuser 

If the installer runs without Administrator privileges, set Verb parameter to runas (for that you also need shellexec flag):

[Run]
Filename: "{app}\MyProg.exe"; Verb: runas; Description: "Launch application"; \
    Flags: postinstall nowait skipifsilent shellexec

---

Though, make sure you have a very good reason to run your application with Administrator privileges. User applications should not need Administrator privileges. If they need it, it's usually a sign of a bad design. One common (bad) reason to want an application to run with Administrator privileges, is that the application needs to write to its installation folder.

See Application does not work when installed with Inno Setup