Windows 7 - How to make a raw PDO device accessible from user mode code in con

Asked By sinosoidal on 11-Aug-09 05:35 AM

I have a raw pdo device which sample code needs administrative rights in
order to work, othwerwise fails with an access denied error.

Which SSDL should I use to have it working under user mode code?

I have tried SDDL_DEVOBJ_SYS_ALL but this specifies that the code must run
as system.

I am trying to put the sample code that right now runs on the console, into a
control panel applet.

Should the applet run as system?

Some help would be really appreaciatted.


Maxim S. Shatskih replied on 11-Aug-09 01:37 PM
No, as current interactive user, which is probably limited.

Maxim S. Shatskih
Windows DDK MVP
sinosoidal replied on 12-Aug-09 06:27 AM
Hi Maxim,

I have this USB device, which is sticked to HID class so I cannot access it

I then implemented a raw PDO for sideband communication... done! It works.

However, for this to work I need to call the application with administrative

I am making a control panel applet to control some device specific features
from the control panel. Working, but with that gotcha... this is, I need to
call Visual Studio with administrative rights in order for it to work.

My question is... what kind of SDDL do I need to specify in the raw pdo
creation in order to have that code accessible under this circunstances?

I have already tried this SDDLs:


Any tips?


Tim Roberts replied on 13-Aug-09 11:48 PM
These names are not really that hard to read, are they?  If you want a
non-admin user (i.e., WORLD) to have full access, then there had better be
a WORLD name in the SDDL.  If you want everyone to have full access, you would

If you want to limit restricted users to read-only, then you would  want
Tim Roberts,
Providenza & Boekelheide, Inc.