I am using NSIS to create installer for my application. I want to provide the feature in which user can double click and open a file of a particular file extension in my application. I have followed instructions provided in this link: http://gergo.erdi.hu/blog/2006-10-08-registering_windows_file_types_with_nsis/.
But it doesn't create registry key for me. My guess is that probably the installer has to be run as an administrator. But I don't unnecessarily want to prompt the user for administrative privilege.
How can I then associate my custom file type and icon with my application?
PS: I am using Windows 7 64 bit.
Try to write the keys into HKEY_CURRENT_USER\Software\Classes instead of HKEY_CLASSES_ROOT. This should work without administrator privileges under Vista and later.
Related
I've made a custom installer / uninstaller. I register the uninstaller with the Windows Registry as described in the MSDN Library, Chaper 2. Install/Uninstall.
Namely, this means registering uninstall.exe as the UninstallString. It works, in that it runs my uninstaller. The problem is that it doesn't invoke as admin. I've set uninstall.exe's manifest to require admin using mt, and if you double-click it from explorer, it will automatically request admin as desired.
So the question is, what's the magic flag I need to set in the registry to get the Windows Add / Remove Programs dialog to run my uninstaller as admin?
You could add checking for admin privileges inside your uninstall program. Check this question for more ideas on how to do it. The easiest of the mentioned options is using a shortcut to your program and ticking the option "Run as administrator".
The other solution is to make a registry entry inside HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers and add a REG_SZ path to your executable as the value, and "RUNASADMIN" as data.
More info in this answer here.
I need to create an NSIS installer, which runs with administrator privileges. I request these privileges with
RequestExecutionLevel admin
So far this works. But I also need to place shortcut links on the users desktop. I do NOT want to create the shortcuts for all users but only for the currently logged in user. So I use
SetShellVarContext current
in the installer sections. If the current user has admin privileges, this works. If I have a normal user, Windows (7) asks for credentials for a privileged user, which is also correct. But the installer then creates the icons on the privileged users desktop, and not on current users.
So, how can I tell NSIS, that it should create desktop icons for the current user if she has no admin privileges?
FYI, if I omit both RequestExecutionLevel and SetShellVarContext, I am also prompted for administrative rights but the installer creates icons on the current user desktop as well as for the admin user. I think this is some kind of compatibility behavior.
You are not really supposed to do this (because of this exact issue) and you are basically asking how to create a installer that is broken by design. This is not a NSIS specific problem and not even UAC specific, it has existed since runas was added in Win2000! When you elevate with runas/UAC the new process is executed as that user and with their HKCU and shell folders...
If you need "RequestExecutionLevel admin" in your script then you are doing machine level things and should therefore call "SetShellVarContext all" and install the files in $ProgramFiles and write the uninstall registration under HKLM. This is true for any version of NT, not just Vista+/UAC. (Most people forget to test as non-admin on NT4 and NT5)
If creating shortcuts for all users is such a big problem then I suggest you enable the "Don't create shortcuts" checkbox on the startmenu page so the user can decide.
If you still want to force broken behavior then you need to use this plugin. (You should be able to find plenty of topics about this plugin on the NSIS forum)
In matlab, I used a windows standalone application. There is a line in this application that writes a file in C:\...\...\. When I run the output exe file produced from this windows standalone application, the exe doesn't write in C:\...\...\ neither tells me that there is a security issues in that partition. All the execution does is nothing. But, when I right-click and run the exe as administrator, it runs correctly.
I want to do it without right-click and run as administrator. Are there is a command in matlab that can do that?
If you create a shortcut to your application, you can go to the Properties of the shortcut, click on Advanced in the Shortcut tab, and select "Run as administrator". That way, whenever you start the application from the shortcut it will be run as an administrator.
(Disclaimer: applications really shouldn't "foul their own nest" by writing into Program Files. This is bad design.)
Starting from Vista, unprivileged processes are not allowed to write to protected folders such as Program Files, because Program Files is designed to store code and not data. However, since this limitation has not been enforced in XP, MS has provided a backward-compatibility hack in the form of Virtual Store. Now, when a program tries to write to protected folder, its output is being redirected into a dedicated folder. This way, the program still "thinks" it writes to its usual location, while in fact it writes to an unprotected location. However, when you later check the Program Files location, you might not see the file - because it's not really there.
You can find more details here: User Account Control Data Redirection.
If you are administrator, add full control permission for your username to the destination folder. You do that by right clicking on the folder, going to properties and then security tab. Then edit and add you username with Full Control rights. Then you don;t have to run the the program as an administrator.
There is no way you can elevate a process once it is started, so Matlab cannot possibly have a command for that. Just running Matlab elevated.
I have an addin program that works with MS Word (version 2007). It is located in the C:\Program Files location. I installed Windows 7 and then went to make a routine change to my files in this location and it would only bring up a read only file. How can I grant myself permission to write to my own program? I cannot change this location or use any other workaround. I have this product out to 25 different companies and I can't change the programming to work from any other location. Thanks
You could also embed a manifest in your EXE that makes your program require adminrights on Windows 7 / Vista.
On Windows Vista, UAC means that users run without admin rights and don't have write access to the program files directories.
The correct solution is to write to a folder for which standard users do have write permissions.
The solution you are looking for is to make your app's folder within program files writeable to all users. You can do this by adding a DACL when installing. It is extremely bad practice to allow standard users to write inside the program files directory and I urge you instead to re-code your app so that it does not need to write there.
Assuming you're doing this as part of modifying the config (and not when your application is running for regular users)...
Your user account probably doesn't have the correct permissions to write/modify the file. Assuming your account is an administrator account, right-click the file, select "Properties". Click the "Security" tab. Click edit and give your user account Full Control.
If you can't do this, it's probably because the ownership of the file doesn't allow you. If this is the case, click on "Advanced", go to the "Owner" tab, and click "Edit".
However, if it needs these permissions when it's running, you should instead be using the %AppData% folder.
i am using Vista . I designed MSi file through Visual Studio 2008 Setup and deployment project in which I added one custom action. In the custom action, I am opening OpenFile dialog. This Open File dialog is not showing mapped drive or network locations. so how can i make the open file dialog to mapthe network drives.
This is a known problem with Vista User Account Control. When your installation program is started, the non-admin session of the user is elevated to an admin session. The problem is: Network drives mapped in the non-admin session of the user do not automatically carry over to the admin session.
Unfortunately, there is not much you can do about it. (You can start an elevated command prompt prior to starting your setup project and manually net use the drive letters there, but I guess that's not something you can expect your customers to do.)
Related question: Preserve mapped drive letter information during UAC elevation