[Last Call] Learn how to a build a cloud-first strategyRegister Now


Visual Basic - Load OCX (DLL) files manually to avoid Registry actions (Administrative Rights)

Posted on 2003-11-27
Medium Priority
Last Modified: 2007-12-19
First, let me give you an idea of what we're trying to do

PROBLEM: We're working with a client to provide a product that will users to bypass Administrative Rights and use the software.

I'm presuming that their security structure is similar to Windows XP's "Limited Access" mode for assigning users... ie:

- Copy files/Create Folders
- Run files (ie: EXE)

- Copy files to "Program Files" or to System Folders (ie: Windows, System32)
- Write to user's registry

Our software requires some OCX files (ie: RichTX32.ocx, MSCAL.ocx, etc)

QUESTION:  Is it possible to load the OCX files within VB, so the files would not need to be copied to the System32 folder, not registered.

Question by:kirkhilles
  • 3
  • 3
  • 2
  • +1
LVL 14

Expert Comment

ID: 9832948
Try keeping the OCX in the same directory as your program. Could work..

Author Comment

ID: 9832960

Good thought, but I've already tried that with no luck.  When I try to run the application with the files in anywhere but the System32 folder, I get an error "Out of Memory"

I've also tried setting the PATH via command line, but that didn't work either.
LVL 14

Expert Comment

ID: 9832977
So your app does see the OCX but throws memory errors ? Do the OCX depend on other files ?

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.


Expert Comment

ID: 9833780
The location of OCX and DLL files is not important. It's no problem if they are outside the System32-folder.

However, because you can't register them, I think it will be impossible to use them. Because, when you register them, an entry is created in the registry with the name of you OCX/DLL, location (path) the ClassID (GUID) and so on.

So, I think it's impossible to use OCX and DLL files without registring them?

But, is there a possibility on these computers to execute a .reg-file? A .reg-file stores Register-Keys and when you double click on it, they are imported into the registry.

---------------------- Example of a registry File -> Try to execute it ----------------------

Windows Registry Editor Version 5.00

"MyValue"="My Value Data"

---------------------- Example of a registry File -> Try to execute it ----------------------

If you can, you could try to find all the registry-keys written to the registry when registering a DLL/OCX. If you store all these keys in a .reg-file and you can execute it, I think it will be the same as you would register it.

We use this method to install the Authorware WebPlayer Plugin. What we do, we copy first all the files to a folder (not WinNT, not Program Files). Then, we adapt our self-made .reg-file with the new file-paths. If ready, we execute the .reg-file, so all the keys (ClassIDs, Paths, ...) are imported into the registry.

I did the job myself (looking for all the keys), but there are also programs that locates all keys connected to a given program or DLL/OCX.

Can you run these .reg-files on these computers?


Author Comment

ID: 9834223
Unfortunately, I believe that they can NOT run the .REG file (I was unable to run it in Windows XP Limited Access mode, but could as an Administrator)

The reason I mention the location of the OCX is, is that the software loads if the RichTX32.ocx file is copied to the SYSTEM32 folder (on a fresh Windows XP Pro install), but gives an error if its not.

I could, however, be wrong about them not able to install the .REG file; I just know they are using Windows XP and the "Limited" mode seemed to meet their restrictions (not being able to install to the registry)

Did your client/company have the same restrictions?  
LVL 14

Accepted Solution

aelatik earned 2000 total points
ID: 9835445

Expert Comment

ID: 9839920
No.  You can't use unregistered OCX controls.  Take this CCRP controls project download for example:  http://www.mvps.org/ccrp/download/controls/ccrpvb6pack.zip

This includes a zip file named ccrpftv6-10
which includes a program named   ccrpRegUtil.exe   very handy!

I've got this associated with the OCX extension so I can double click any OCX file and have it registered into the registry so that it may then be selected from tools toolbars and control reference lists as well as being inserted and used from Office or VB applications without getting the control not registered error.

The bottom line is, there is no magic wand to give people rights you have deliberately revoked with policy editor.  If you want to have a bulletproof safe user machine population protected from installing garbage like screensavers, garfield mouse cursors and other viruses and protect them from mangling their registry - for ease of support, then you will also have locked them out of installing beneficial applications as well..

Have your application added to the baseline image or at very least have the control registered in the baseline distributed user desktop image.

If you cannot get your controls registered with this CCRPREGUTIL (above) then you should either use some sort of Administrator login script with Admin rights or remote configuration management to register the control for all users OR have them log in with admin rights to the local machine just long enough to register the control or install the program or else you will need to do without the control.  There is no way around this security that I am aware of.

Expert Comment

ID: 9840877
> Did your client/company have the same restrictions?
Don't know. They used the package more to push the software to the clients ... So, I guess they were using SMS (System Management Server) or any script to push the files and the Registry-values ...

I know if the admin didn't his work like he should be, this .reg sometimes works.

But, like Informative mentions, ... If your user has really no access to the registry, there is no work-arround to get your OCX/DLL in the registry

If there was a work arround, it must be a security hole that would be quickly repaired with a new patch :-)


Author Comment

ID: 9848345
Thanks all,

The "Thinstall" software achieves the goal nearly perfectly.

Anyone know where we can find it cheaper than the $750 on their website?

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most everyone who has done any programming in VB6 knows that you can do something in code like Debug.Print MyVar and that when the program runs from the IDE, the value of MyVar will be displayed in the Immediate Window. Less well known is Debug.Asse…
This article describes how to use a set of graphical playing cards to create a Draw Poker game in Excel or VB6.
Get people started with the utilization of class modules. Class modules can be a powerful tool in Microsoft Access. They allow you to create self-contained objects that encapsulate functionality. They can easily hide the complexity of a process from…
Show developers how to use a criteria form to limit the data that appears on an Access report. It is a common requirement that users can specify the criteria for a report at runtime. The easiest way to accomplish this is using a criteria form that a…
Suggested Courses
Course of the Month18 days, 2 hours left to enroll

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question