Attaching or embedding manifest files

If you want to deploy an application to the Windows Vista operating system that meets the certification requirements of the Windows Vista Logo program, you must follow User Account Control (UAC) guidelines. The executable file must have an embedded manifest that defines the execution level and specifies whether access to the user interface of another window is required. The Vista Application Information Service (AIS) checks the manifest file to determine the privileges with which to launch the process. Use the Security tab page in the Project painter to specify these properties.

Generate options

Select Embedded manifest if your application needs to be certified for Vista. A manifest file with the execution level you select is embedded in the application's executable file.

You can also select External manifest to generate a standalone manifest file in XML format that you ship with your application's executable file, or No manifest if you do not need to distribute a manifest file.

Execution level

Select As Invoker if the application does not need elevated or administrative privileges. Selecting a different execution level will probably require that you modify your application to isolate administrative features in a separate process to receive Vista certification.

Select Require Administrator if the application process must be created by a member of the Administrators group. If the application user does not start the process as an administrator, a message box displays so that the user can enter the appropriate credentials.

Select Highest Available to have the AIS retrieve the highest available access privileges for the user who starts the process.

UI access

If the application needs to drive input to higher privilege windows on the desktop, such as an on-screen keyboard, select the "Allow access to protected system UI" check box. For most applications you should not select this check box. Microsoft provides this setting for user interface Assistive Technology (Section 508) applications.

Authenticode signing required

If you check this box, the application must be Authenticode signed and must reside in a protected location, such as Program Files or Windows\system32.