Security Interference: Installing a client-server on customers' computers

Experts -

My company sells a client (written in VB) that communicates with a server instance ( SQL 2005). Our techs usually install the client, Miscrosoft SQL, and a server instance that houses the databases that the client talks to.

As of late, we are having more and more issues with customers' security policies; inability to register the software, incorrect functionality within the software, or incomplete lists of items within the software. All, to my knowledge, happen as a result of incomplete access rights for users.

What we have been doing is asking to customer to grant us local admin rights to install the software, and upon completion, we ask that they create a group in Windows for the users of the software, in which, they have Power User privilege.

Now, every customer environment is different. I am thinking that there has to be a better way for the software to coexist within a customer's security system. I thought about using "dependency walker", but that, to my knowledge, only works with an already installed software (or would it work here?)

I am thinking that I might create a tool that examines whether a user has the needed rights to run the client properly, but for that, I would need to know what the software needs.

Any ideas? Apologies about the long-winded diatribe.

Tairo
TairoAsked:
Who is Participating?
 
David Johnson, CD, MVPConnect With a Mentor OwnerCommented:
You need to redesign your software so that it follows the Microsoft Programming Best Practices. Architecture Guide

Power users Don't really exist.  One is an administrator or one is a standard user.  Admin for installation is fine and dandy. But you'd better come up with some really valid reasons why your program needs administrative access in order to run.  Perhaps the parts that require admin access should be placed in a service that can run as localsystem or networksystem.  

a program that accesses a sql server doesn't require administrative privileges..

Programming for a Standard User Channel 9 Video
0
 
PortletPaulConnect With a Mentor Commented:
To be honest, the best advice I could provide would be to start designing a solution that avoids a client installation at all. Not sure what your marketplace is exactly but more and more organizations are leaning towards "zero footprint" solutions and expecting vendors to to provide this. Installing client software is not only cumbersome - it is very costly to the client organization (think of all the security issues and regression testing).

Aim at I.E./Firefox/Chrome as being the UI platform (choose an older IE like 8 for broader appeal) also try to avoid extensions such as Flash (many corps I know disallow it).

Quite possibly this isn't the advice you were seeking - but it is well intended.
0
 
PortletPaulCommented:
:) glad someone provided the style of advice requested - but reverting to my more forward looking advice I wanted to add:

You are also (currently) using sql 2005 which is 2 major versions behind current (sql 2012); this situation won't hold forever in the marketplace either. I'd suggest that while addressing your client install might be a worthwhile tactical move, you also need to consider your "next generation" of product - and in that generation try to avoid client installs.

Cheers & good luck with the client installs :)
0
 
TairoAuthor Commented:
Thank you, Experts!
0
All Courses

From novice to tech pro — start learning today.