roberthdl
asked on
disable UAC file virtualization in Windows 8
We have a legacy app which writes to an .ini file in a protected location. In Windows Vista/7, we can bypass this issue by turning off UAC which in turn disables UAC file virtualization using the virtualstore. Unfortunately this does not work in Windows 8. Turn UAC all the way down and the problem still occurs. Google info is full of tips for Vista/7, but I guess as 8 hasn't hit the masses yet I haven't found a solution.
Now I know that turning off UAC is not a great idea, and is not a true solution - which would be modifying the legacy app to write to a non-restricted area. However, for various reasons this is not possible.
Now I know that turning off UAC is not a great idea, and is not a true solution - which would be modifying the legacy app to write to a non-restricted area. However, for various reasons this is not possible.
ASKER
yes, I understand the issue. The app is only used internally and only for a handful of users. We are able to give appropriate user permissions to the required location, but as I indicated turning UAC off does not have the same effect in win 8 that it had in win 7. The app still reads/writes to the virtual store location. I'm looking for a way to turn this off in win 8.
Hi.
In what way did you modify permissions? Some paths like c:\ for example need to be modified both NTFS-permission-wise and also integrity level-wise. So what did you do so far and what directory is it all about?
In what way did you modify permissions? Some paths like c:\ for example need to be modified both NTFS-permission-wise and also integrity level-wise. So what did you do so far and what directory is it all about?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
About integrity levels: read http://msdn.microsoft.com/en-us/library/bb625964.aspx
c:\windows wears the label "no write up".
c:\windows wears the label "no write up".
ASKER
not the solution I was looking for, but works all the same. We created a .manifest to set the app security level such that file virtualization would be disabled. Place it in the .exe location and it works like a charm.
You need to understand, what folder virtualization is about. It tries to solve the problem of weak users being unable to write to protected locations, normally, it does not create a problem.
If you turn it off to overcome whatever problem it creates, you still cannot write to protected locations because turning it off does not change NTFS permissions - not in win 8 and not in win7. So please tell us if you changed the NTFS permissions to enable the user of that app to write there. If yes, then you will need to use procmon (freeware logging tool) to reveal what causes access denials.