Just for reference of who, like me, comes to this old thread in hope of an answer, I add my solution.
Note however that there are so many factors influencing the behaviour of Windows' security features, that you can not expect this to work for everyone.
My situation is a straightforward install (i.e. no options that I am aware of) of a plain Windows 7 SP1 Professional in a virtual machine of VirtualBox 5.18, running on an Ubuntu 18.04 host. The VM has a single user, me, that also has administration rights. User Account Control (UAC) settings are not tampered with: I did try the different suggestions in this thread regarding UAC, but without success, so I restored the 'as installed' snapshot.
I noted that in a cmd prompt ran 'as administrator', i.e. with elevated rights, the output of the command
net use is exactly the same as in a normal cmd prompt, even though the elevated prompt cannot access the shared folders under their assigned drive letter. In both prompts the output is (in Dutch) :
Code: Select all
C:\Windows\system32\:> net use
Nieuwe verbindingen worden opgeslagen.
Status Lokaal Extern Netwerk
-------------------------------------------------------------------------------
F: \\vboxsrv\F_ramdisk VirtualBox Shared Folders
G: \\vboxsrv\G_win-gschijf VirtualBox Shared Folders
H: \\vboxsrv\H_dirk VirtualBox Shared Folders
I: \\vboxsrv\I_sdata VirtualBox Shared Folders
De opdracht is voltooid.
With this knowledge you can format the output of
net use in an elevated prompt to mount the shared folders under the same drive letters for my user with elevated rights. And it requires no messing up the default UAC settings.
In a batch file (to be executed with administrative rights) that would be :
Code: Select all
@rem In a bat file use double %%
for /f "tokens=1,2" %%i in ('net use ^| find "\\vboxsrv\"') do net use /persistent:no %%i %%j
I added a task to the Task Scheduler, that runs this batch file 30 seconds after logon,
'with highest privileges', which turn out to be elevated rights for my user with administration rights.
When executed directly on a command line of an elevated command prompt it becomes :
Code: Select all
@rem On a command line use single %
for /f "tokens=1,2" %i in ('net use ^| find "\\vboxsrv\"') do net use /persistent:no %i %j
The option
/persistent:no is very important: when mounting the shared folders persistently, on a next boot Windows mounts them again on the same drive letters, before the Guest Additions act. The Guest Additions would then detect that these drive letters are in use, and mount the shared folders for the non-elevated user to the next available drive letters.
After executing the above commands, the elevated prompt has access to the shared folders under the same drive letter as a non-elevated prompt.
Accessing them from an Explorer window is a different matter. When you try to run, for instance, an installer that is in a shared folder via it's drive letter, by right clicking on it in Explorer and choosing "run as administrator", you still get the message that the path is not found. For this you need to
run Explorer as administrator as well, which is not straightforward.
In a plain Windows installation, all Explorer windows are spawned by the primary Explorer instance that holds the Desktop. Even when you try to start explorer.exe as administrator, that request is passed on to the Desktop instance of Explorer, and ran as not-an-administrator.
Though it works, I do not particularly like this solution, executed from an elevated command prompt, that kills all Explorer instances, even the Desktop one, and starts Explorer anew with elevated rights:
Code: Select all
C:\Windows\system32\> tskill explorer & explorer
In most cases I prefer the Explorer look-alike that you can start by entering
C:\ or whatever local path in the adress bar of an Internet Explorer instance that you run as administrator. You can run Internet Explorer as administrator by right clicking on a link to it in your start menu, not on e.g. the Internet Explorer icon that miraculously appears on your desktop, without being a
.lnk file in your
%userprofile%\Desktop folder.