I store our product activation code into HKEY_LOCAL_MACHINE.

This is not user specific but grants permission to run to our all users on a
machine.

For Vista users many times their user account will not let this code be
saved there and the user is not asked whether they want to grant access.

Is there a way to call the API from Clarion to request permission to access
these restricted resources for a period of time ?

Mike

Hi Mike,

Not only on Vista! This is the case for Vista, Windows 2008 and Windows 7!
And even XP when running as a Limited User.

Under Vista/2008/Win7, applications need administrator execution level
privileges to write to that protected area. Your application should never
ever write to a protected location.

Last year, I published a SetupBuilder project demo on how to give
"asInvoker" applications write access to HKEY_LOCAL_MACHINE:

http://www.lindersoft.com/forums/showthread.php?t=2379

But this should only be used as a temporary workaround to give you more time
to make your application Vista-ready.

Does this help?

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910

SetupBuilder "point. click. ship"
Create Windows Vista ready installations in minutes

-- Official Comodo Code Signing and SSL Certificate Partner

Friedrich,

Here is what I am doing.

I provide my users with a activation code. This needs to be available to all
users on a computer.

I cannot place it in HKCU because then it will be specific to each users and
that will require all users of a particular machine to enter this code.

So I want to save it in a registry location that is available to all users.

I do not want to place it into a file.

Can you advise an solution that does not require my app to run as
administrator?

Mike

Hi Mike,

> Here is what I am doing.
>
> I provide my users with a activation code. This needs to be available to
> all users on a computer.
>
> I cannot place it in HKCU because then it will be specific to each users
> and that will require all users of a particular machine to enter this
> code.
>
> So I want to save it in a registry location that is available to all
> users.
>
> I do not want to place it into a file.
>
> Can you advise an solution that does not require my app to run as
> administrator?

You have several different options.

One idea is to "move" the code that writes your activation key to
HKEY_LOCAL_MACHINE to an external .exe and start that external program
elevated from within your non-elevated application. You can even use
SetupBuilder to write such a "helper" application (two lines of code).

Something like the following. Your application collects the activation code
(user enters it into a screen, etc.). When you "save" the activation code
(e.g. user clicks "OK"), you start the "helper" application elevated from
within your main application and pass the activation code via the command
line to that helper program. The program will prompt for elevation and
writes the activation code to HKEY_LOCAL_MACHINE. Your own main program
still works non-elevated.

What do you think?

Friedrich

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910

SetupBuilder "point. click. ship"
Create Windows Vista ready installations in minutes

-- Official Comodo Code Signing and SSL Certificate Partner

>One idea is to "move" the code that writes your activation key to
>HKEY_LOCAL_MACHINE to an external .exe and start that external program
>
>What do you think?

I agree. That EXE needs to be made with a Manifest with requestedExecutionLevel
=> requireAdministrator

<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
....
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel
level="requireAdministrator"
uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>

In your program tell your user you need to run an new program that requires
Admin. You want to tip him off to click Run on the "Open File - Security
Warning".

Then run your exe with ShellExecute(). That is the ONLY WAY to get elevation to
admin. RUN will return error 1040 but should return 740 "Needs Elevation", you
would get that from WinExec().

If you use ShellExecuteEx() with SEE_MASK_NOCLOSEPROCESS to a handle to the new
process and wait for it to finish.

You could give the user the option to install in HKCU so it's only registered
to his user "Would you like to register this user, or all users (requires
admin)?". Seems flexible, saves him from asking an Admin.

-----------
Carl Barnes
www.carlbarnes.com
Maker of CW Assistant, Clarion Source Search,
CHM4Clarion - Add Html Help to C5, 5.5, 6 and 7 with just 4 lines of code

Mike,

And please remember this:

http://www.lindersoft.com/forums/showthread.php?p=18902
http://www.lindersoft.com/forums/showthread.php?p=18902#post18902

So ShellExecute is the way to go ;-)

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910

SetupBuilder "point. click. ship"
Create Windows Vista ready installations in minutes

-- Official Comodo Code Signing and SSL Certificate Partner