Archived from groups: microsoft.public.windowsxp.security_admin (
More info?)
huff-n-puff wrote:
> Hi
>
> We are running an old'ish application which was originally written to use
> windows 2000 pro with a FAT32 hard disc.
> We are now trying to upgrade the workstations to windowsXP with NTFS hard
> disc.
>
> This has posed a problem as the application tries to write to the root of
> the C:\ drive as well as C:\windows, C:\windows\system and C:\windows\fonts.
> The application fails because the user does not have permission to modify
> these areas.
>
> I am loathed to give the user permission over the whole of the c:\ drive and
> the system folders in case they break anything.
>
> These new systems can not use FAT32 as the hard discs are large, and the ris
> build we use formats in NTFS anyway.
>
> Can anyone advise a method of solving this problem?
>
> thanks
>
> M
This is quite common if the software was designed for Win9x/Me, or
if it was intended for WinNT/2K/XP, but was improperly designed. Quite
simply, the installation routine for this application doesn't "know"
how to handle individual user profiles, or the application tries to
make changes to "off-limits" sections of the registry. Quite often,
you can make this software available to other users by _copying_ the
Start Menu folder and Desktop folder shortcuts from the user profile
from which the software was installed in the corresponding folders in
the user profile(s) in which you'd like the software to be accessible.
If the application is something that can/should be made available to
all current and future users, copying the shortcuts into the
corresponding locations of the All Users profile will do the trick.
For some obscure reason, game developers in particular seem to not
understand WinXP's file security paradigm, and require even limited
users to have unnecessarily high privileges to protected systems
folders. For example, saved games are often stored in a sub-folder
under the game's folder within C:\Program Files - a place where no
inexperienced or limited user should have write permissions.
NOTE: This may not work if the software requires access to parts
of the hard drive and/or registry that are not normally accessible to
regular users. (This won't occur if the application was properly
written.) If this does prove to be the case, however, you're left
with two options: Either grant the necessary users appropriate higher
access privileges (either as Power Users or local administrators), or
replace the application with one that was properly designed
specifically for WinNT/2K/XP.
Some Programs Do Not Work If You Log On from Limited Account
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q307091
Additionally, here are a couple of tips suggested, in a reply to a
different post, by MS-MVP Kent W. England:
"If your game or application works with admin accounts, but not with
limited accounts, you can fix it to allow limited users to access the
program files folder with "change" capability rather than "read" which
is the default.
C:\>cacls "Program Files\appfolder" /e /t /p users:c
where "appfolder" is the folder where the application is installed.
If you wish to undo these changes, then run
C:\>cacls "Program Files\appfolder" /e /t /p users:r
If you still have a problem with running the program or saving
settings on limited accounts, you may need to change permissions on
the registry keys. Run regedit.exe and go to HKLM\Software\vendor\app,
where "vendor\app" is the key that the software vendor used for your
specific program. Change the permissions on this key to allow Users
full control."
--
Bruce Chambers
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
Facebook
Twitter
Instagram