Solved

Allowing non-administrators to write to HKLM\software\myapp on XP with VB6

Posted on 2007-04-10
10
713 Views
Last Modified: 2007-12-19
Hi-

I see that this exact question has been asked before but if there was a solution, it was not evident to me. And even though it appears from looking at similar questions that there is not solution to my problem, I shall ask it again anyway:

I have a VB6 application running on XP which stores user selectable options in the HKLM\software\myApp registry key. These options are really application specific rather than user specific which is why I really need to store the information there (I need to avoid using the HKCU key). My problem is that in order to write to my registry key, the user has to have administrative privileges which most users do not. My current work around is to go to each PC and using REGEDT32 with the administrator account, give the everyone group full control of the HKLM\Software\MyApp registry key. This is not a practical workaround. Is there a way using VB that I can grant the everyone group full control of the myapp registry key when I create it? I’m a hardware guy not a software guy, so don’t get too complex with responses.

Thanks for your help,
Bill
0
Comment
Question by:bill_sutton
10 Comments
 
LVL 67

Expert Comment

by:sirbounty
ID: 18885573
Hmm - there may be a 'better' solution, so feel free to wait on further input, but I've found one workaround - schedule the import via a shelled command, which uses the system account...

Here's somewhat what I'm referring to...

'Get the 'new time' - 15 minutes from now...

InstallTime=format(DateAdd("n",15,time),"HH:mm:ss")

Next, run a shelled import using the above time:

Shell "schtasks /create /ru system /sc once /st " & NewTime & " /tn RegImport /tr " & chr(34) & "reg add HKLM\Software\MyApp /v MyValue /d MyData" & chr(34)

Now, this should launch a scheduled task using the Local System account to run the reg import, 15 minutes from the current time...
0
 
LVL 76

Expert Comment

by:GrahamSkan
ID: 18885589
I may have misread the situation, but why don't you use SaveSetting/GetSetting which is designed for that scenario.
0
 
LVL 2

Expert Comment

by:soco180
ID: 18886808
Here is a hack suggestion that shouldn't require you to change any code.

How about create a batch file to do exactly what you are doing manually. Place that batch file in a public share. Then add a line of code to your VB app to execute the batch file on start up...

'****************************************
'Insert this into a bas module
'****************************************
Public Const SW_SHOW As Long = 5
Public Const SW_SHOWNORMAL As Long = 1
Public Const SW_SHOWMAXIMIZED As Long = 3
Public Const SW_SHOWDEFAULT As Long = 10

Public Declare Function ShellExecute Lib "shell32" _
   Alias "ShellExecuteA" _
  (ByVal hWnd As Long, _
   ByVal lpOperation As String, _
   ByVal lpFile As String, _
   ByVal lpParameters As String, _
   ByVal lpDirectory As String, _
   ByVal nShowCmd As Long) As Long

Public Declare Function GetDesktopWindow Lib "user32" () As Long

Public Sub RunShellExecute(sTopic As String, sFile As Variant, _
                            sParams As Variant, sDirectory As Variant, _
                            nShowCmd As Long)

  'execute the passed operation, passing
  'the desktop as the window to receive
  'any error messages
   Call ShellExecute(GetDesktopWindow(), _
                     sTopic, _
                     sFile, _
                     sParams, _
                     sDirectory, _
                     nShowCmd)

End Sub



'****************************************
'Then add this line of code somewhere in
'your app either in an error handler, or
'in the project startup object
'(probably overkill but you shouldn't
'have to change any existing code)
'****************************************
RunShellExecute "open", "\\Server\PublicShare\MyBatchFile.bat", 0&, 0&, SW_SHOWNORMAL
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:bill_sutton
ID: 18890155
Thanks for the quick replies... I have a situation that prevents me from looking closly at these today but on quick glance: I like the Get/Save settings idea execpt that they are for the current user and not for the Application.
The scheduling idea might work except that the optins need to be stored in real time (users make changes, save,  then execute a test. If another user comes by later, they need to pick up with the last settings).
It is not immediatly clear to me what the last idea does or if it will help me, I will look closer at it tomorrow.
Thanks again,
Bill
0
 
LVL 2

Accepted Solution

by:
soco180 earned 500 total points
ID: 18895102
Bill, RE: the third suggestion (my suggestion)

In this example we will use REGINI.exe to execute a batch file to change the permissions for Administrator, Creater/Owner and Everyone to FULL CONTROL.
source: http://support.microsoft.com/kb/264584
             http://support.microsoft.com/kb/q245031

If you type really really slow with your eyes closed and you take a 5 minute smoke break between step 1 and step 2, this should take you only 15 minutes if you can answer TRUE to the these 2 questions.

Q1 - You have a  Bas Module in your VB6 Application?
              Add another 20 seconds if you have to insert a new bas module.
Q2 - You have a public share accessible to your end users?



Step 1:


Create 2 files.

File #1 - Create a simple txt file. Pretend the file #1 is named AppRegPerm.txt created on a public share "\\YourServerName\YourPublicShare".

Add the below line to AppRegPerm.txt
    \Registry\Machine\SOFTWARE\AppTest [1 5 7]

Now change the text "AppTest" to be what ever your application key uses (the one that you are manually editing permissions on using REGEDIT32).


File #2 - Create a batch file and add the next line to it. Create it on \\YourServerName\YourPublicShare.

Add the next line to your batch file.
    REGINI \\YourServerName\YourPublicShare\AppRegPerm.txt




Step 2:



Paste this code in a bas module (a Module that ends in .bas). It uses Windows API but you don't have to understand it.

Public Const SW_SHOW As Long = 5
Public Const SW_SHOWNORMAL As Long = 1
Public Const SW_SHOWMAXIMIZED As Long = 3
Public Const SW_SHOWDEFAULT As Long = 10

Public Declare Function ShellExecute Lib "shell32" _
   Alias "ShellExecuteA" _
  (ByVal hWnd As Long, _
   ByVal lpOperation As String, _
   ByVal lpFile As String, _
   ByVal lpParameters As String, _
   ByVal lpDirectory As String, _
   ByVal nShowCmd As Long) As Long

Public Declare Function GetDesktopWindow Lib "user32" () As Long

Public Sub RunShellExecute(sTopic As String, sFile As Variant, _
                            sParams As Variant, sDirectory As Variant, _
                            nShowCmd As Long)

  'execute the passed operation, passing
  'the desktop as the window to receive
  'any error messages
   Call ShellExecute(GetDesktopWindow(), _
                     sTopic, _
                     sFile, _
                     sParams, _
                     sDirectory, _
                     nShowCmd)

End Sub



Step 3:


Execute the batch file you created from your VB6 application...

Just add the below line to your VB6 app where ever you see fit...You may decide to add it to your startup object of the app as a quick and dirty method.

RunShellExecute "open", "\\YourServerName\YourPublicShare\YourBatchFile.bat", 0&, 0&, SW_SHOWNORMAL

Finished and good luck!
0
 

Author Comment

by:bill_sutton
ID: 18899382
I think that the third solution may be the one that I am looking for; I implemented it and tried it on a couple of machines... while I still need admin priveledge to create the key in the first place (at least on one machine) after that it seems that everyone can update it. Lets see what happens when I release it to the general public.

I'll get back by Tuesday.

Thanks!
Bill
0
 
LVL 2

Expert Comment

by:soco180
ID: 18899570
Bill, I am glad to here that.

FYI...REGINI will actually create the key if it does not exist.
For instance, had you actually ran the \Registry\Machine\SOFTWARE\AppTest [1 5 7] without changing it, REGINI would have created a new Key HKLM\SOFTWARE\AppTest.

So you may be able to rely on REGINI to even create the key.

Now I am not 100% sure about that because when I tested it I was the local ADMIN on my PC.

However, another approach, what if you used REGINI to give the Everyone account FullControl on the HKLM\SOFTWARE key before creating your new reg entry?

0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

When designing a form there are several BorderStyles to choose from, all of which can be classified as either 'Fixed' or 'Sizable' and I'd guess that 'Fixed Single' or one of the other fixed types is the most popular choice. I assume it's the most p…
Background What I'm presenting in this article is the result of 2 conditions in my work area: We have a SQL Server production environment but no development or test environment; andWe have an MS Access front end using tables in SQL Server but we a…
Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…
Get people started with the utilization of class modules. Class modules can be a powerful tool in Microsoft Access. They allow you to create self-contained objects that encapsulate functionality. They can easily hide the complexity of a process from…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now