Connect to an elevated COM server from a non-elevated process

Question

We have a program which launches a child process that hosts a local COM server, which for various reasons must be launched elevated. Everything works fine so long as both the parent and the child process are elevated.

However, we also want to run when the parent process is non-elevated. Launching the child process results in a UAC dialog (which is acceptable), and the child appears to start correctly and successfully calls CoRegisterClassObject. However, the parent process gets REGDB_E_CLASSNOTREG when calling CoCreateInstance with the same CLSID.

I assume this is some sort of permissions issue. How can I register my class in the elevated server to allow it to be called from a non-elevated process?

Answer 1

Interprocess COM marshalling messages are subject to Vista's UIPI. I suggest you to use some other ways to communicate, such as a named pipe with ACL modified, sockets/WCF/Remoting with private protocols, etc to allow an unprivileged user to access.

Answer 2

Read The COM Elevation Moniker for couple of ways to access elevated out-of-proc server.