Visual Basic - Load OCX (DLL) files manually to avoid Registry actions (Administrative Rights)

First, let me give you an idea of what we're trying to do

PROBLEM: We're working with a client to provide a product that will users to bypass Administrative Rights and use the software.

I'm presuming that their security structure is similar to Windows XP's "Limited Access" mode for assigning users... ie:

- Copy files/Create Folders
- Run files (ie: EXE)

- Copy files to "Program Files" or to System Folders (ie: Windows, System32)
- Write to user's registry

Our software requires some OCX files (ie: RichTX32.ocx, MSCAL.ocx, etc)

QUESTION:  Is it possible to load the OCX files within VB, so the files would not need to be copied to the System32 folder, not registered.

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Try keeping the OCX in the same directory as your program. Could work..
kirkhillesAuthor Commented:

Good thought, but I've already tried that with no luck.  When I try to run the application with the files in anywhere but the System32 folder, I get an error "Out of Memory"

I've also tried setting the PATH via command line, but that didn't work either.
So your app does see the OCX but throws memory errors ? Do the OCX depend on other files ?
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

The location of OCX and DLL files is not important. It's no problem if they are outside the System32-folder.

However, because you can't register them, I think it will be impossible to use them. Because, when you register them, an entry is created in the registry with the name of you OCX/DLL, location (path) the ClassID (GUID) and so on.

So, I think it's impossible to use OCX and DLL files without registring them?

But, is there a possibility on these computers to execute a .reg-file? A .reg-file stores Register-Keys and when you double click on it, they are imported into the registry.

---------------------- Example of a registry File -> Try to execute it ----------------------

Windows Registry Editor Version 5.00

"MyValue"="My Value Data"

---------------------- Example of a registry File -> Try to execute it ----------------------

If you can, you could try to find all the registry-keys written to the registry when registering a DLL/OCX. If you store all these keys in a .reg-file and you can execute it, I think it will be the same as you would register it.

We use this method to install the Authorware WebPlayer Plugin. What we do, we copy first all the files to a folder (not WinNT, not Program Files). Then, we adapt our self-made .reg-file with the new file-paths. If ready, we execute the .reg-file, so all the keys (ClassIDs, Paths, ...) are imported into the registry.

I did the job myself (looking for all the keys), but there are also programs that locates all keys connected to a given program or DLL/OCX.

Can you run these .reg-files on these computers?

kirkhillesAuthor Commented:
Unfortunately, I believe that they can NOT run the .REG file (I was unable to run it in Windows XP Limited Access mode, but could as an Administrator)

The reason I mention the location of the OCX is, is that the software loads if the RichTX32.ocx file is copied to the SYSTEM32 folder (on a fresh Windows XP Pro install), but gives an error if its not.

I could, however, be wrong about them not able to install the .REG file; I just know they are using Windows XP and the "Limited" mode seemed to meet their restrictions (not being able to install to the registry)

Did your client/company have the same restrictions?  

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
No.  You can't use unregistered OCX controls.  Take this CCRP controls project download for example:

This includes a zip file named ccrpftv6-10
which includes a program named   ccrpRegUtil.exe   very handy!

I've got this associated with the OCX extension so I can double click any OCX file and have it registered into the registry so that it may then be selected from tools toolbars and control reference lists as well as being inserted and used from Office or VB applications without getting the control not registered error.

The bottom line is, there is no magic wand to give people rights you have deliberately revoked with policy editor.  If you want to have a bulletproof safe user machine population protected from installing garbage like screensavers, garfield mouse cursors and other viruses and protect them from mangling their registry - for ease of support, then you will also have locked them out of installing beneficial applications as well..

Have your application added to the baseline image or at very least have the control registered in the baseline distributed user desktop image.

If you cannot get your controls registered with this CCRPREGUTIL (above) then you should either use some sort of Administrator login script with Admin rights or remote configuration management to register the control for all users OR have them log in with admin rights to the local machine just long enough to register the control or install the program or else you will need to do without the control.  There is no way around this security that I am aware of.
> Did your client/company have the same restrictions?
Don't know. They used the package more to push the software to the clients ... So, I guess they were using SMS (System Management Server) or any script to push the files and the Registry-values ...

I know if the admin didn't his work like he should be, this .reg sometimes works.

But, like Informative mentions, ... If your user has really no access to the registry, there is no work-arround to get your OCX/DLL in the registry

If there was a work arround, it must be a security hole that would be quickly repaired with a new patch :-)

kirkhillesAuthor Commented:
Thanks all,

The "Thinstall" software achieves the goal nearly perfectly.

Anyone know where we can find it cheaper than the $750 on their website?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Visual Basic Classic

From novice to tech pro — start learning today.