A lot of my programs require the ability to write files to the hard drive. When I first made these programs for XP they worked great. Now I'm less ignorant about UAC (got a new laptop recently). And for future customers...I've noticed the potential for a LOT of annoying error messages....and quite frankly if the program can't write data to the hard drive or thumb drive it's on...there's no point to running it....
I've tried multiple times to build in the manifest a requirement for administrator or user access....I'm not sure if anything less would solve the problem...but have failed because click-once has security features in place to prevent me from doing so.
I'd rather not have to tell my customers how to make the program run as an administrator by editing the file's properties...I'd much rather have a convenient pop up like what you'd see new programs such as Itunes or Filezilla show if they were in conflict with UAC requesting the privileges they need.
I'd really like to do this but have had little success.
Any and all advice that can remedy this grievous problem appreciated.
Thanks.
First, let me tell you that the design goal of ClickOnce deployment is not to require administrative privileges. This translates into "you can't elevate privileges when running a ClickOnce application".
When Windows Vista came out, Microsoft published guidelines on where to store files that you want to be able to update. NOTHING should be placed in Program Files; they generally recommend LocalApplicationData or Isolated Storage. The same issues are in place for Windows 7.
So where are you trying to write data for your customer?
Related
I am developing a portable application that needs to create, modify and read various files (create logs, configs, export .jpg and .csv files, etc.) next to it. This application has to work from whatever directory the user places it into. I don't want to have Administrator access as a requirement, because many people don't have it on their workplace computers, and it can look understandably suspicious. Problem is, Windows usually prevents file creation for applications launched from non-administrative accounts under most directories (like Program Files). I cannot have my application write it's additional files to some other directory with full permissions under any account (like My Documents), because it will defeat the whole point of portability.
Judging from what I've googled I would think that what I want is impossible, but I've seen (and have on my computer) dozens of applications, most of them portable, that do not require Administrator account or access, which can be launched from pretty much any directory, and they read/write files without any problems. So evidently it is possible, but I can't seem to find any information on how they achieve this.
Can someone advice me how to best approach this issue?
Why is it a good idea to limit deployment of files to the user-profile or HKCU from my MSI or setup file?
Deployment is a crucial part of most development. Please give this content a chance. It is my firm belief that software quality can be dramatically improved by small changes in application design to make deployment more logical and more reliable - that is what this "answer" is all about - software development.
This is a Q/A-style question split from an answer that became too long: How do I avoid common design flaws in my WiX / MSI deployment solution?.
As stated above this section was split from an existing answer with broader scope: How do I avoid common design flaws in my WiX / MSI deployment solution? (an answer intended to help developers make better deployment decisions).
9. Overuse of per-user file and registry deployment.
Some applications won't run correctly for all users on a machine, because the user-specific data added during installation isn't correctly added to other user's profiles and registry. In other words the application just works for the user who installed the software. This is obviously a serious design error.
There are several ways to "fix" this, but the whole issue of deployment of per-user files and settings is somewhat messy for a few fundamental reasons:
How do you reference count components installed multiple times? (for each user on the machine)
What do you do with the installed data and settings on uninstall?
How do you deal with new files and settings to install that differ from the ones that are on disk and in the registry and have user-made changes? Surely you don't overwrite automatically?
There are no real clear cut answers, but there are several alternative ways to deal with the "problems". My preferred options are 2 & 3 since I don't think Windows installer should deploy, track or attempt to modify or worse yet, uninstall user data and settings at all - it is user data that shouldn't be meddled with:
9.1 Using Windows Installer Self-Repair or similar
The first option is to get settings and files and HKCU registry keys deployed properly via the setup itself or setup-like features. There are two major ways to do this: relying on Windows Installer "self-repair" generally triggered by an advertised shortcut, or using Microsoft Active Setup.
Self-repair is what happens when you launch a shortcut to start your application, and Windows Installer kicks in and you see a progress bar whilst "something" is being installed. What is typically added are HKCU registry entries and user-profile files.
There is also another alternative to achieve this, it is called Active Setup and is also a Microsoft feature. It essentially registers "something runnable" to run once per user on logon. This can be used to set up per-user data. Active Setup allows "anything runnable" to be executed - for example a copy of files to the user-profile. .
Both of these options mean that the user data and settings are copied in place once - and from then on they are not generally touched, but in the case of "self-repair" might get uninstalled for any user who actually runs the uninstall of the application (unless the setup is designed not to do so).
Although setting up user data with self-repair and Active Setup are "established" methods to get applications running properly, it seems wrong to track user data with Windows Installer components. Why? Because it is really user data that shouldn't be meddled with once initialized.
Accordingly my honest take on the whole issue is to try to avoid deploying user specific data or registry keys and values altogether, and this is what is described next as two other user-data deployment methods.
9.2 Application Initialization of User Data
The second alternative, and one that I find much cleaner, is to change your application executable to be able to initialize all per-user settings and files based on default setting and templates copied from a per-machine location or based on application internal defaults (from the source code) instead of writing them via your setup.
In this scenario Windows Installer will not track the files or settings that are copied to each user. It is treated as user data that should not be interfered with at all. This avoids all interference such as reset or overwritten user data during upgrades and self-repair (and manual uninstall and reinstall).
If there are cases where "fixes" must be made to application settings, this can be achieved by having the application executable update the settings for each users on launch, and then tag the registry that the update has been completed.
The overall "conclusion" is that your setup should prepare your application for first launch, it should not set up the user data and settings environment. All user-profile files and HKCU settings should be defaulted by the application in case they are missing on launch - this yields a much more robust application that is easier to test for QA personnel as well. This is particularly important for Terminal Servers where self-repair is not allowed to run at all. In such cases the application data will be missing if you rely on self-repair to put user data in place.
9.3 "Cloud" or Database Storage of User Settings
To take things a step further in today's "cloud environment" - and this is in my opinion the preferred option. Why should your application be restricted to files and registry keys and values? Why not store all user specific settings in the solution's database?
Full access, control and persistence for all settings without any deployment issues at all.
You do get new management issues though, and they must be shared between developers, system administrators and database administrators. But isn't the cloud pretty much the industry standard by now?
We have been struggling long enough with roaming profiles, corrupted user registry, mishandled user-profile data files, etc.... Developers, save yourself a lot of trouble, and create yourself some new database management issues instead of deployment issues - and start yelling at a whole new bunch of people! :-).
Settings in databases are:
Not suffering from "dual source problems". There is one instance, and it is updated in real time. Not like the synchronization problems seen with user-profile and "roaming".
Inspectable, manageable and patchable
Revisable (version control - can revert older settings)
You could even "tweak" all the user settings from your setup still by running database scripts as part of deployment, but if you are in a corporate environment - isn't the thought of just raising a ticket and then have your database administrator run the maintenance scripts with proper transaction support and rollback much more appealing?
Even if you are delivering a large, fat-client vendor application for general distribution and third party use (in other words not a tailored, corporate client/server solution where you are guaranteed to have a back end database), one should consider cloud storage of user settings by having users log on to a cloud using their email or similar and then synchronize settings in real time.
Such large applications generally always need to "cache" some settings files on the computer and in HKCU, but it seems more and more possible to save all settings in a single temporary file in the user profile area which is entirely "sacrificial" and even possible to delete if it is corrupted and then download the last saved settings.
Instead of hosting the cloud yourself, it is obviously possible to use company DBOs to configure their own company-wide cloud where they have full control of all settings, and can also enforce mandatory policies and restrictions for your software's operation. Not to mention the proper backup that is possible for all user settings.
I am attempting to write a small, lightweight client, using vb.net winforms, that can install without needing elevated privileges. Before I ask my questions, let me give you a bit of an idea of what it is supposed to do.
The app will start when Windows loads, set like this from the install, with a system/notification tray icon that can be clicked on to load up specific functionality. The application install from a website, or possibly a file share, haven't quite decided yet. This client will initially request user credentials for one of our web programs, and it will talk to an already built web service to determine what functionalities of our services they have licensed access to. After this, credentials will be encrypted and saved to the users pc locally. Every five minutes, the client will pass the credentials to the websites they have access to and check to see the status of jobs that are being processed, and download available reports if needed.
So, here is what I am trying to understand. If I configure this app as a ClickOnce application, once it installs from the url or shared drive, the user will not need to do anything else, correct? Or do they have to visit that url every time they boot up to reinstall/run the client?
Another thing, I wanted to get some opinions on the best ways to do some of the things this app will be doing. I have a good idea of where I am going with it, but I have no idea of which solution to go with yet.
For instance, what is the best way to store user passed credentials on their system for a "remember me"?
Also, is the best way to have the client install with automatically starting on windows startup to configure it to create a shortcut of itself in the windows startup folder?
I am trying to keep this as lightweight as possible, and using a very small GUI, so it shouldn't be too intrusive, so any ideas on how to ensure that, while keeping it from needing admin privs to install, will also help.
If I configure this app as a ClickOnce application, once it installs
from the url or shared drive, the user will not need to do anything
else, correct? Or do they have to visit that url every time they boot
up to reinstall/run the client?
Well if they need to reinstall it, they would have to download the setup.exe file again, but why would users need to do that? CilckOnce supports automatic updates. Visiting url is certainly not needed for running the program.
what is the best way to store user passed credentials on their system
for a "remember me"?
Probably storing them as application settings. Haven't used visual studio 2012, but in visual studio 2010 you have to right-click on project in solutions explorer, go to project propeties and then create variables in Settings tab. Then you can access those variables in code using My.Settings.variableName. Not sure about security though, if you need any.
As for privileges, I think you just need a privilege to install a program. Maybe you should publish a primitive clickOnce application and experiment with it and that will answer all your other questions about clickOnce.
I'm having a massive problem trying to write a file into the c:\windows\system32 directory. The code works fine on 32 bit machines, however does not work on 64 bit machines.
My user account is an administrator on the machine, and even right clicking and choosing to run the app as administrator does not solve the issue.
When writing the file, no exception is thrown, but the file is not written.
I have read various posts regarding adding an app.manifest file containing the requestedExecutionLevel node to my solution, but as yet am unable to get this to work. I have a feeling this may be because I'm using vb.net rather than c#.net
Has anybody encountered this issue before? I'd be delighted if somebody could provide an example VS2010 VB.Net project with a correctly configured app.manifest file as I'm a little unsure whether my attempts at setting this up are correct.
(also, this is not a malicious app I am writing, I'm working on a version control app for our team and need to be able to interface with IIS files held in c:\windows\system32\inetsrv\config).
Thanks
David
Maybe the file is written under UAC Virtualization and located under C:\Users\Username\AppData\Local\VirtualStore\Windows\System32
Windows Blog - Tips on what is going on behind the scenes.
TechNet - Look under Data Redirection
Under Local Sercurity Policies there is the following option which controls UAC Virtualization.
I've attempted just about everything to get our ClickOnce VB.NET app to run under Terminal Services as a RemoteApp. I have a batch file that runs the .application file for the app.
This works fine via RDP desktop session on the terminal server. As a TS RemoteApp, however, well... not so much.
I get a quick flash of command prompt (the batch file) on the client system and then... nothing...
Same goes for having it point to the .application file directly (without using a batch file) or even copying the publication locally and having it point to that.
I found a technet.microsoft.com discussion about a similar issue, but there's no resolution to it listed.
For anyone who has run into this before and got it working, what did you have to do?
We currently use RemoteApp's for everything else on that server, so I'm hoping to stick with that if possible.
The current workaround is to build and run an MSI-based installer for the app on our terminal server whenever we publish via OneClick out to the network, but this can be quite a pain at times and is easy to forget to do.
Since the app works fine via Terminal Services when run in full desktop mode but not during RemoteApp, I don't think it's anything specific to Terminal Server permissions so much as ClickOnce requiring something that isn't available when running as a RemoteApp.
The Key to getting it to work is to use Windows Explorer "C:\windows\explorer.exe". This process is the base process when you login to a full session.
If you setup the RemoteApp to use Windows Explorer and the command line argument of the path to the .application file for the ClickOnce application then it will work when launched as a remote application. Windows Explorer will flash for a second when it starts, but it will disappear then the ClickOnce application will launch.
Why does it have to be a ClickOnce application? I would consider just deploying the exe file and assemblies.
I know it only half a solution, but if the application does not change much, it might be a good solution.
I believe your problem is related to the fact that ClickOnce needs to store it's data in a special user folder called the ClickOnce application cache. Apparently because of how Terminal Services sets up user folders ClickOnce can't access this in TerminalServices mode.
See this link for more information.
http://msdn.microsoft.com/en-us/library/267k390a(VS.80).aspx
There may not be a way to do it :(
Can you launch the .exe directly? It's buried under your profile in \AppData\Local\Apps\2.0[obfuscated folders], but you should be able to find it.
That will skip the built-in update process, but if it can be launched that way you could then write code to do a manual update after the application starts.
Faced the same problem this morning and got it resolved by copying the clickonce app's directory from the user settings folder to somewhere like c:\MyApp\ - I know its nasty and not very ideal.. but good enough for me!
We recently ran across this issue and decided to post a bug report on this issue to the Visual Studio development team. Feel free to comment on the bug report. It has to be a bug in ClickOnce caused by some changes in Server 2008.
https://connect.microsoft.com/VisualStudio/feedback/details/653362/net-clickonce-deployment-not-working-as-remoteapp-or-citrix-xenapp-on-server-2008-server-2008-r2
We also have a discussion on the MSDN forums covering this issue:
http://social.msdn.microsoft.com/Forums/en-US/winformssetup/thread/7f41667d-287a-4157-be71-d408751358d9/#92a7e5d9-22b6-44ba-9346-ef87a3b85edc
Try using RegMon and FileMon when starting the app - You may be able to track it down to a file and/or registry permission issue.
Also maybe check the event logs to see if anything's getting logged when the process fails.