I have a situation where I have a WCF service where we authorize that the user is a member of a group that our product creates to get access to our WCF methods. To make the out-of-the-box experience better for the situation when the installation user runs
our UI client on the same machine as the WCF service right after the install we also check if the user is a member of the Administrators group; our product requires the installer be an Administrator. This solves the problem where we add the user to our group,
but the user has to logout and then login to update his token so that they can run our product. This all works fine except under UAC because the check to see if the user is a member of the Administrators group comes back false. The UI client does not need
to run with Administrative priveleges except for this one check in this one situation.
One way to get around this is for the user to right click on the shortcut and “run as Administrator, but the user isn’t going to know to do this, they will just double click and the connection will fail. We could document this, but most users do not read
the documentation. I was thinking about detecting if UAC is enabled and if the user fails to connect telling them to run as administrator. I don’t really like any of these options. Does anyone have a good solution for this.