WinXP Pro Security Question

**linear** · 12-22-2006, 10:35 AM

Probably a better path to the goal is to use the "Run As" feature. Right-click the executable and choose to run it as administrator if it won't run otherwise.

**LarryG** · 12-22-2006, 10:45 AM

Rob, the problem with Run As is that you can't set it up to run as another user as the default. Unless I've been missing something, that is. You have to put in the Administrator password every time ... which means the person has to KNOW the password ... which not everyone does.

**rickd** · 12-22-2006, 11:03 AM

Hi Larry,

You can do exactly the same thing in xp(I love xp by the way!). Here's how:

double-click on My Computer and choose Folder Options from the Tools menu.
In the View tab, scroll to the bottom of the Advanced Settings section and uncheck the Use Simple File Sharing (Recommended) checkbox.
Click OK to apply the change.
This will activate new and more detailed menus in the shared drive options in the Properties dialog boxes of each of your drives and folders.
To see the effect, right-click any drive or folder or program in Windows Explorer and choose Properties.
In the folder or drive's Properties dialog box, you will find a new Security tab.
Here you will have control over whether particular login identities or groups can use any or all of the functions in this drive or folder

I think this is what you are referring to. Please let us know if it isn't o.k.

Thanks,

Rick

**LarryG** · 12-22-2006, 11:28 AM

Thank you, Rick. That indeed did bring back the tab I was looking for, with the setting choices I was looking for.

And that's a classic example of why I hate XP (still). They "helpfully" hid some of the configuration options, even from system admins! Dumb.

Unfortunately I'm still getting the registry-write error, so I'm going to have to futz around with it some more, maybe reinstall the program. Not entirely sure what's going on because the same settings I'm applying now always worked in Win2000. I'll get it. In the meantime, you've answered my question ... thanks again.

Man, I hate XP ...

**Kristofor** · 12-22-2006, 12:45 PM

When you're editing the share or file access properties that's simply the ability to work with those files in that specific folder. The registry is not stored in those folders and access/permissions for it are not modified through that mechanism.

What's the specific error message you're getting? Is the program an off the shelf product or some custom app?

Kristofor.

**LarryG** · 12-22-2006, 01:02 PM

The app is a little freeware raster-to-vector conversion program.

It's saying I do not have read, create, and write permissions to change registry keys.

XP may operate differently than 2000, as I have seen this same error (not the exact same wording, necessarily, but the same problem: unable to write to the registry) and have fixed it used the method described in my OP.

Thanks for the reply. I'll pick it up again next week, as I'm now outa here for the long weekend. Y'all have a very Merry Christmas!

**siliconbauhaus** · 12-22-2006, 02:44 PM

why not just change your user account settings to have administrator priviledges ?

25 · 12-22-2006, 05:17 PM

You know that you can change quite a bit of XP to give you the classic Win2K look and feel? I always do this when I first setup an XP system since I hate the cartoon look and the fact that they hide everything, compared to Win2K.

A simple way to give them more access but still somewhat restricted is to make them a member of the Super Users group. I would recommend this over making them an administrator.

**LarryG** · 12-24-2006, 11:39 AM

Originally posted by siliconbauhaus

why not just change your user account settings to have administrator priviledges ?

Because the system is then FAR more vulnerable to malware. Running a machine in plain User mode prevents 99.99% of the bad stuff out there from being able to install itself. It also prevents automatic updates to Windows itself -- and that's a GOOD thing.

25: Yeah, first thing I do with an XP machine is ditch the Fisher-Price "My First OS" look in favor of classic Win2000. I'm still finding things that are different as I drill deeper into the various menus and setting, though.

25 · 12-24-2006, 11:49 AM

Yeah, they worked hard on making it different.

Personally I disable the Autoupdate services and only start them when I am updating.

Look into the Super User group it is different than Administrators group.

**BasementDweller** · 12-24-2006, 11:50 AM

1/2 way

Larry,

You're half way home. Now that you have granted everyone the rights to access and run the program via the security tab, you need to run it the first time (install it) when logged in as the Administrator of the system. This user will have permissions to update the registry and install the software. After that your low access user will still be able to run the software.

As some suggested you can install it by running it with RunAs instead of logging off from your profile and back on as another. Either way, once you have it installed you can run it from your "main" account.

- BD

**guycox** · 12-24-2006, 07:56 PM

Here's an idea - find the registry key that the app is trying to write to and change the permissions on the key so that mortals can write to that key and any subkeys -- then you don't have to elevate the permissions you should be running under.. WHo cares if the registry key that the shareware uses gets trashed - it'll be localized damage...

WinXP Pro Security Question

WinXP Pro Security Question

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Footer Ad