I can't change the registry value in vb, please help.
Dim regKey As RegistryKey
regKey=Registry.CurrentUser.OpenSubKey("Software\Microsoft\Windows\CurrentVersion\Policies\System", True)
regKey.SetValue("DisableTaskMgr", 1, RegistryValueKind.DWord)
regKey.Close()
Error
An unhandled exception of type 'System.Security.SecurityException' occurred in mscorlib.dll
Requested registry access is not allowed.
Execute your application with admins rights :
Projet's properties
Show Windows parameters (this open app.manifest)
Change <requestedExecutionLevel level="asInvoker" uiAccess="false" />
to <requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
I got it by opening visual studio as Administrator.
Related
I make an Outlook add-in with the VSTO. But When i build, the value in the generated manifest are not the desired ones.
The generation done :
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
And i want :
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="true" />
</requestedPrivileges>
How can i changed the this value?
Thanks
Execution manifests are only applicable to the exe files; COM addins are dlls loaded in the outlook.exe process space. Your code will run with whatever privileges the parent process (Outlook) is running.
We have a VB6 program (developed over many years) that gets installed by us on customers machines.
I have now added a VB.Net program to the mix that gets run (ShellExecute'ed)from the VB6 program under certain circumstances.
Is there any way that I can prevent customers machines (running W7/8/10) popping up the UAC dialog box?
The VB.Net prog has a Manifest that contains all the stuff that others have suggested and make no difference:
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
<applicationRequestMinimum>
<defaultAssemblyRequest permissionSetreference="FullTrust" permissionSetReference="FullTrust" />"
<PermissionSet version="1" ID="FullTrust" unrestricted="true" SameSite="site" Unrestricted="true">
<IPermission class="System.Security.Permissions.FileDialogPermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true" />
</PermissionSet></applicationRequestMinimum>
Any help gratefully received
Cheers
Dave
Solved...
Changed the ShellExecute in the VB6 prog to a shell and problem solved
I am migrating a working outlook add-in to run on outlook 2013 and getting the error ""Configuration system failed to initialize".
The app.config file is fine as the add-in loads and works when I am trying to run it from the visual studio 2010. However, when I create the deployment msi (created using WiX and ms bootstrapper) and installed it on the development machine it did not work.
On inspection I found that no user.profile is created in the c:\users\\AppData\Local... folder. So I have a hunch that something is stopping the add-in from creating this file. However, I am also writing a log file from the add-in and that seems to be creating fine.
My dll.manifest file has:
<trustInfo>
<security>
<applicationRequestMinimum>
<PermissionSet Unrestricted="true" ID="Custom" SameSite="site" />
<defaultAssemblyRequest permissionSetReference="Custom" />
</applicationRequestMinimum>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
Am I missing something?
Any clues? Thanks for your time.
We currently have an MSI that is created with WiX 3.5. The application is in .NET 3.5. We generate a bootstrapper using the boostrapper task in an MSBuild file. It's pointing at the 6.0a SDK files.
When users have UAC on and they install, they have to right-click the setup.exe and select run-as administrator.
What I would really like is to have the setup.exe automatically prompt to elevate (using that yellow dialog I see in other installs).
Better yet, I'd like the MSI to do this and do away with the setup.exe completely, but I think that is what WiX 3.6 is about, right?
If I create the boostrapper using ApplicationRequiresElevation="true" this requries the 7.0a SDK, correct? Will the bootstrapper then prompt to elevate automatically? Does this mean the application has to be a .NET 4 application? I wouldn't think so...
We've used WiX 3.0 and were able to elevate privileges. However, we didn't elevate our bootstrapper. We elevated the MSI file itself, through the Package property:
<Package Id="$(var.PackageCode)"
Description="$(var.ProductName) $(var.Version)"
InstallerVersion="301"
Compressed="yes"
InstallPrivileges="elevated" <!-- Elevated right here -->
InstallScope="perMachine"
Platform="x86"/>
As a side note, our bootstrapper is signed (using signtool.exe from the v6.0A SDK) with our official certificate. I'm not sure if this causes the bootstrapper to also require elevated privileges.
UPDATE:
We've got an app.manifest file on our setup.exe bootstrapper project that requires the executable to be run at the administrator level. See the sample below:
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1"
xmlns:asmv1="urn:schemas-microsoft-com:asm.v1"
xmlns:asmv2="urn:schemas-microsoft-com:asm.v2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<!-- UAC Manifest Options
If you want to change the Windows User Account Control level replace
the requestedExecutionLevel node with one of the following.
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
<requestedExecutionLevel level="highestAvailable" uiAccess="false" />
If you want to utilize File and Registry Virtualization for backward
compatibility then delete the requestedExecutionLevel node.
-->
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
</asmv1:assembly>
I know this is a old topic, but may it save some time to next one.
I had to read all comment, especially custom action had Impersonate=yes...
On the other hand Custom Actions have Execute attribute related to privileges:
<CustomAction Id = "CA.First" Execute ="immediate" ... />
<CustomAction Id = "CA.Second" Execute ="deferred" ... />
CA.First will be always executed in user mode, but CA.Second can have elevated privileges.
May be here are other tricks related to privileges,
main point here - WiX allow control privileges on CustomAction level so make sure you set it right.
CustomAction Element
My installer deploys a configuration exe which is used to do some basic configuration on a windows service which is also installed. The exe also needs to create and write some registry keys. On a Windows server 2008 environment these keys can't be created. I have investigated and found that this is an Administrator privilege, and the exe isn't prompting for Admin permissions which are needed under UAC on 2008. I can work around this by right clicking the exe and running as Administrator. This isn't ideal however as its an extra step I need to notify our clients of performing. Are there any other ways of elevating the admin permissions when running the exe?
Put a manifest on or with the exe. I can tell you how to embed the manifest using Visual Studio if you let me know what version of that you're using. If you're not using Visual Studio, or you don't build the exe, then you can just put the manifest file in the same folder as the exe and that will work too. In that case the file must be named the same as your exe, with .manifest on the end, eg for foo.exe it's foo.exe.manifest. The content should look like this:
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<!-- UAC Manifest Options
If you want to change the Windows User Account Control level replace the
requestedExecutionLevel node with one of the following.
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
<requestedExecutionLevel level="highestAvailable" uiAccess="false" />
If you want to utilize File and Registry Virtualization for backward
compatibility then delete the requestedExecutionLevel node.
-->
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
</asmv1:assembly>
Notice the possible values for requestedExecutionLevel are all here in a comment, and this one uses requireAdministrator. Now it will always elevate and therefore work for you.