Registry read operation fails on Vista.
-
Hi all. In my application I am trying to read some registry values which are stored during installation. Registry reading/writing operation works fine on all other OS but it fails on Vista. When I disable the UAC from Vista, it supports registry reading and writing. Here is the way I am disabling UAC Start->Control panel->User Accounts->Change Security Settings->Uncheck "Use User Account Control (UAC) to help protect your Computer”. But disabling UAC is certainly not a good way to get the solution. Is there any other way by which I can read/write registry without disabling UAC?
Sameer Thakur
-
Hi all. In my application I am trying to read some registry values which are stored during installation. Registry reading/writing operation works fine on all other OS but it fails on Vista. When I disable the UAC from Vista, it supports registry reading and writing. Here is the way I am disabling UAC Start->Control panel->User Accounts->Change Security Settings->Uncheck "Use User Account Control (UAC) to help protect your Computer”. But disabling UAC is certainly not a good way to get the solution. Is there any other way by which I can read/write registry without disabling UAC?
Sameer Thakur
I assume you are reading from HKEY_LOCAL_MACHINE or something similar, what you can do is: Option 1) Re-write your application to play nicely with Vista by only writing to/reading from those registry/file locations that are either specific to the user account you are logged in as, or for all users. Option 2) Ship a manifest file with your application, embedding it is the best choice and within the manifest file specify the required security settings, here is an example manifest:
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0"
processorArchitecture="X86"
name="MyExe.exe"
type="win32"/>
<description>MyExe Description</description><!-- Identify the application security requirements. -->
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel
level="requireAdministrator"
uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>regards,
Jonathan Wilkes Darka [Xanya.net]
-
Hi all. In my application I am trying to read some registry values which are stored during installation. Registry reading/writing operation works fine on all other OS but it fails on Vista. When I disable the UAC from Vista, it supports registry reading and writing. Here is the way I am disabling UAC Start->Control panel->User Accounts->Change Security Settings->Uncheck "Use User Account Control (UAC) to help protect your Computer”. But disabling UAC is certainly not a good way to get the solution. Is there any other way by which I can read/write registry without disabling UAC?
Sameer Thakur
When code works with UAC off, but breaks with UAC on, it means you have code that assumes the user has admin rights. This is a bug.
--Mike-- Visual C++ MVP :cool: LINKS~! Ericahist | PimpFish | CP SearchBar v3.0 | C++ Forum FAQ Ford, what's this fish doing in my ear?
-
When code works with UAC off, but breaks with UAC on, it means you have code that assumes the user has admin rights. This is a bug.
--Mike-- Visual C++ MVP :cool: LINKS~! Ericahist | PimpFish | CP SearchBar v3.0 | C++ Forum FAQ Ford, what's this fish doing in my ear?
Michael Dunn wrote:
This is a bug
I beg to differ. Registry Virtualization and the silent fail and redirection to a user profile copy of HKLM is misleading and inconsistent behavior with previous NT based OS's. Asking for KEY_ALL_ACCESS and getting it, now matter which account your using, now THAT's a bug! HKLM was always referred to as system wide. Now it is potentially a subkey in HKCU, or it could be system wide. There was nothing wrong with a programmer, when writing an admin utility to support the main application, knowingly calling a function that required admin rights and simply informing the user that they "Need to be logged in as admin to perform this task" if it failed. Now suddenly, on Vista, the function will never fail (with the default local security policy in place). "Silent fail" basically renders the "samDesired" useless. Oh, and not to mention that MSDN will need to be reworded... From: "If the function succeeds, the return value is ERROR_SUCCESS." To: "The function will always succeed. No worries mate" :|
-
Hi all. In my application I am trying to read some registry values which are stored during installation. Registry reading/writing operation works fine on all other OS but it fails on Vista. When I disable the UAC from Vista, it supports registry reading and writing. Here is the way I am disabling UAC Start->Control panel->User Accounts->Change Security Settings->Uncheck "Use User Account Control (UAC) to help protect your Computer”. But disabling UAC is certainly not a good way to get the solution. Is there any other way by which I can read/write registry without disabling UAC?
Sameer Thakur
-
Michael Dunn wrote:
This is a bug
I beg to differ. Registry Virtualization and the silent fail and redirection to a user profile copy of HKLM is misleading and inconsistent behavior with previous NT based OS's. Asking for KEY_ALL_ACCESS and getting it, now matter which account your using, now THAT's a bug! HKLM was always referred to as system wide. Now it is potentially a subkey in HKCU, or it could be system wide. There was nothing wrong with a programmer, when writing an admin utility to support the main application, knowingly calling a function that required admin rights and simply informing the user that they "Need to be logged in as admin to perform this task" if it failed. Now suddenly, on Vista, the function will never fail (with the default local security policy in place). "Silent fail" basically renders the "samDesired" useless. Oh, and not to mention that MSDN will need to be reworded... From: "If the function succeeds, the return value is ERROR_SUCCESS." To: "The function will always succeed. No worries mate" :|
Virtualization is only used for applications that don't have a Vista manifest ( v3).
-
Hi all. In my application I am trying to read some registry values which are stored during installation. Registry reading/writing operation works fine on all other OS but it fails on Vista. When I disable the UAC from Vista, it supports registry reading and writing. Here is the way I am disabling UAC Start->Control panel->User Accounts->Change Security Settings->Uncheck "Use User Account Control (UAC) to help protect your Computer”. But disabling UAC is certainly not a good way to get the solution. Is there any other way by which I can read/write registry without disabling UAC?
Sameer Thakur
Modify your program so that you don't need to write to HKLM. If you're just reading from the registry, ensure you open the key for read-only access.
-
Virtualization is only used for applications that don't have a Vista manifest ( v3).
I must have missed that portion about "asInvoker". I thought the node was only to request administrative levels. Thanks for pointing that out. I've embedded this in my legacy apps and the virtualization problems magically disappeared. Kinda klunky way for Microsoft to do things considering I've always had the best intentions and gave a considerable effort to follow the rules, yet, my app needs to be recompiled for Vista when the zillions of apps that blatantly ignored the rules and needed to run the user app as administrator will run fine without being recompiled. (At least this appears to be what Microsoft intended with the virtualization technologies). I'm guessing, in reality, most apps will find issues with this technology just based on the non-intuitive and unorthodox redirections it's performing in the background. It seems the technology will ultimately benefit no one. It's like justifying the means by the end your trying to achieve. If I remember correctly from my schooling, that is a flawed rational for justifying a decision or behavior. Sad part is, I finally get the Joke from all those recent Macintosh commercials. :-O Anyway, thanks again for helping me out. I've passed this information on elsewhere. :rose: