JeffG said:
(Sorry if this is a duplicate, but it seemed like my last posting attempt
failed)
Hah! I know where the confusion comes from! I have two systems - my Desktop
and my Laptop. So I gave them the machine names... Desktop and Laptop
So Desktop *is* the machine name.
Well I did it, finally. And like the other guy, it went exactly as you
predicted.
A little more about the problem I had (have) where the app wouldn't create
the folder 'global' under 'data'. In fact it is a LUA function which calls
io.open() which in turn calls fopen. The call is effectively
fopen("data/global/filename.dsl", "wb"),
where the sub-folder global does not yet exist. So if fopen itself cannot
create non-existent folders on the fly in a file specification, that is the
real problem. As I said, if I create the global folder manually, the file can
be created in that folder ok.
Then I would think that the program is not using Run As Administrator on
the short-cut pointing to the exe, on the exe itself to escalate its
privileges to perform the task or the program is not set to user the UAC
manifest to have the programs privileges.
You remember now, that an user/admin is NOT an user/admin with full
rights like on XP. A program runs under the context of the logged in
user-account. Your user/admin account the one you got out the box and
any new accounts that you may create that are to be an user/admin
account is not an admin account that has full rights. Those user/admin
accounts have two access tokens assigned to them.
One token of admin with full rights is assigned, and another token is
assigned with standard user rights. It is the standard user token that
is assigned to the user/admin account as default, and user/admin is a
standard user until UAC prompts the user/admin to escalate it's
privileges to the admin full rights token to run the program with those
rights or a task at the moment of escalation, and then the user/admin is
returned back to the standard user token.
If it is a non user/admin account, then the user is asked to give a
user-id/psw to a user/admin account to complete the task. But that also
depends on what rights the user account has in NTFS on folders or files
as well for any type of an account.
Did you see that UAC prompt as user/admin as you went to the Security
tab and asked you to allow or disallow your actions, even as user/admin?
If you have seen that UAC prompt, then that's when you're given that
admin full rights token to complete the task, and you are returned to
the standard user token.
Even if you disable UAC, user/admin on Vista is not an user/admin that
has full rights. The only admin account that has full admin rights is
the hidden built-in Administrator account, that same one you see on XP.
Now, it could be that this program you are talking about doesn't have
the power/privileges to do the task, there is no error trapping in the
section of code to inform the user that the requested task the program
is trying to do didn't happen, it didn't blow-up and it just didn't do
it and kept on executing.
So here is some information in general about security on Vista, and what
you as a software developer must be aware of in developing solutions to
run on Vista.
http://technet.microsoft.com/en-us/library/cc709691.aspx
http://technet.microsoft.com/en-us/magazine/cc138019.aspx
http://www.developer.com/net/net/article.php/3695651
<
http://news.softpedia.com/news/Admin-Approval-Mode-in-Windows-Vista-45312.shtml>
<
http://channel9.msdn.com/posts/jmaz...s-UAC-What-Privelege-Level-Your-App-Requires/>