Running programs for non-previleged users on XP

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

Scenario
===========

(1) You write a program using some programming language, say, C#.

(2) You make an assembly out of the program by compiling it. It is a
single module assembly.

(3) You create a setup program for this.

(4) During the setup, the user, an administrator group user, selects
the option, "Install this program for all the people who use this
computer, and not just for me."

(5) The administrator group user finishes installing the program. Then
he goes on to use it. He is able to use it.

(6) The administrator group user logs off.

(7) Another user, let's call him by the name John, who's only a
"regular user" who does not belong to the administrator group (not even
a Power User), logs in and wants to use the program. He double-clicks
on the program exe icon on the desktop. It doesn't work for him.


Questions:
============
(1) Is is even possible or a reasonable demand that the user who does
not have administrative previliges be able to use the program. It must
be noted that the intention is so, since the administrator who
installed the program supplied the choice "Install for everyone" while
installing it.

(2) If it is possible and a reasonable demand, how can it be
accomplished?


* I present an oversimplified version of the problem only to focus on
the bare essentials of the problem.
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

Sounds like a permission problem. Check your NTFS permissions on the folder
where the program has installed. Verify the user can / cannot acces that
folder. Also check the root drive for the presence of "Creater Owner" in the
NTFS Permissions. That group will only give the creater of folders/files
permission to read. All other non adims will be denied.

"Sathyaish" wrote:

> Scenario
> ===========
>
> (1) You write a program using some programming language, say, C#.
>
> (2) You make an assembly out of the program by compiling it. It is a
> single module assembly.
>
> (3) You create a setup program for this.
>
> (4) During the setup, the user, an administrator group user, selects
> the option, "Install this program for all the people who use this
> computer, and not just for me."
>
> (5) The administrator group user finishes installing the program. Then
> he goes on to use it. He is able to use it.
>
> (6) The administrator group user logs off.
>
> (7) Another user, let's call him by the name John, who's only a
> "regular user" who does not belong to the administrator group (not even
> a Power User), logs in and wants to use the program. He double-clicks
> on the program exe icon on the desktop. It doesn't work for him.
>
>
> Questions:
> ============
> (1) Is is even possible or a reasonable demand that the user who does
> not have administrative previliges be able to use the program. It must
> be noted that the intention is so, since the administrator who
> installed the program supplied the choice "Install for everyone" while
> installing it.
>
> (2) If it is possible and a reasonable demand, how can it be
> accomplished?
>
>
> * I present an oversimplified version of the problem only to focus on
> the bare essentials of the problem.
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

It really depends on what the program was written to do.
For example, if in brain-dead fashion the application had been written to
access for Write specific areas, like c:\Windows or some key in HKLM,
as part of its initialization, then you would experience this scenario.

I really do not understand your question 2, and also whether you are
saying "demand" in the context that a .Net developer would use that term.

--
Roger Abell
Microsoft MVP (Windows Security)
MCSE (W2k3,W2k,Nt4) MCDBA
"Sathyaish" <Sathyaish@Yahoo.com> wrote in message
news:1116862782.530525.182880@g44g2000cwa.googlegroups.com...
> Scenario
> ===========
>
> (1) You write a program using some programming language, say, C#.
>
> (2) You make an assembly out of the program by compiling it. It is a
> single module assembly.
>
> (3) You create a setup program for this.
>
> (4) During the setup, the user, an administrator group user, selects
> the option, "Install this program for all the people who use this
> computer, and not just for me."
>
> (5) The administrator group user finishes installing the program. Then
> he goes on to use it. He is able to use it.
>
> (6) The administrator group user logs off.
>
> (7) Another user, let's call him by the name John, who's only a
> "regular user" who does not belong to the administrator group (not even
> a Power User), logs in and wants to use the program. He double-clicks
> on the program exe icon on the desktop. It doesn't work for him.
>
>
> Questions:
> ============
> (1) Is is even possible or a reasonable demand that the user who does
> not have administrative previliges be able to use the program. It must
> be noted that the intention is so, since the administrator who
> installed the program supplied the choice "Install for everyone" while
> installing it.
>
> (2) If it is possible and a reasonable demand, how can it be
> accomplished?
>
>
> * I present an oversimplified version of the problem only to focus on
> the bare essentials of the problem.
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

If I am understanding your question correctly, yes it is very reasonable to
insist a user be able to use an application without having Admin rights.
I've banged heads with multiple vendors over the years. One distributed
software that Reservation agents had to use for their phone functions. By
default the software would not run without Admin rights. What didn't seem
reasonable was they were telling me I had to make every reservation agent a
local admin on each and every computer. The agents couldn't do their job
without the software and I couldn't have them as local admins. I ended up
going through the registry and NTFS permissions granting users access, until
I found out how to make their software run as a local user.

In my opinion, developers need to take the time to make their setup packages
set all the appropriate permissions up front. It absolutely wrong to insist
on running the software under the Local Admin context.

"Roger Abell" <mvpNOSpam@asu.edu> wrote in message
news:u8R9LMTYFHA.2572@TK2MSFTNGP14.phx.gbl...
> It really depends on what the program was written to do.
> For example, if in brain-dead fashion the application had been written to
> access for Write specific areas, like c:\Windows or some key in HKLM,
> as part of its initialization, then you would experience this scenario.
>
> I really do not understand your question 2, and also whether you are
> saying "demand" in the context that a .Net developer would use that term.
>
> --
> Roger Abell
> Microsoft MVP (Windows Security)
> MCSE (W2k3,W2k,Nt4) MCDBA
> "Sathyaish" <Sathyaish@Yahoo.com> wrote in message
> news:1116862782.530525.182880@g44g2000cwa.googlegroups.com...
>> Scenario
>> ===========
>>
>> (1) You write a program using some programming language, say, C#.
>>
>> (2) You make an assembly out of the program by compiling it. It is a
>> single module assembly.
>>
>> (3) You create a setup program for this.
>>
>> (4) During the setup, the user, an administrator group user, selects
>> the option, "Install this program for all the people who use this
>> computer, and not just for me."
>>
>> (5) The administrator group user finishes installing the program. Then
>> he goes on to use it. He is able to use it.
>>
>> (6) The administrator group user logs off.
>>
>> (7) Another user, let's call him by the name John, who's only a
>> "regular user" who does not belong to the administrator group (not even
>> a Power User), logs in and wants to use the program. He double-clicks
>> on the program exe icon on the desktop. It doesn't work for him.
>>
>>
>> Questions:
>> ============
>> (1) Is is even possible or a reasonable demand that the user who does
>> not have administrative previliges be able to use the program. It must
>> be noted that the intention is so, since the administrator who
>> installed the program supplied the choice "Install for everyone" while
>> installing it.
>>
>> (2) If it is possible and a reasonable demand, how can it be
>> accomplished?
>>
>>
>> * I present an oversimplified version of the problem only to focus on
>> the bare essentials of the problem.
>>
>
>
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom