Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Security Interference: Installing a client-server on customers' computers

Posted on 2013-06-11
4
Medium Priority
?
322 Views
Last Modified: 2013-06-13
Experts -

My company sells a client (written in VB) that communicates with a server instance ( SQL 2005). Our techs usually install the client, Miscrosoft SQL, and a server instance that houses the databases that the client talks to.

As of late, we are having more and more issues with customers' security policies; inability to register the software, incorrect functionality within the software, or incomplete lists of items within the software. All, to my knowledge, happen as a result of incomplete access rights for users.

What we have been doing is asking to customer to grant us local admin rights to install the software, and upon completion, we ask that they create a group in Windows for the users of the software, in which, they have Power User privilege.

Now, every customer environment is different. I am thinking that there has to be a better way for the software to coexist within a customer's security system. I thought about using "dependency walker", but that, to my knowledge, only works with an already installed software (or would it work here?)

I am thinking that I might create a tool that examines whether a user has the needed rights to run the client properly, but for that, I would need to know what the software needs.

Any ideas? Apologies about the long-winded diatribe.

Tairo
0
Comment
Question by:Tairo
  • 2
4 Comments
 
LVL 49

Assisted Solution

by:PortletPaul
PortletPaul earned 900 total points
ID: 39239981
To be honest, the best advice I could provide would be to start designing a solution that avoids a client installation at all. Not sure what your marketplace is exactly but more and more organizations are leaning towards "zero footprint" solutions and expecting vendors to to provide this. Installing client software is not only cumbersome - it is very costly to the client organization (think of all the security issues and regression testing).

Aim at I.E./Firefox/Chrome as being the UI platform (choose an older IE like 8 for broader appeal) also try to avoid extensions such as Flash (many corps I know disallow it).

Quite possibly this isn't the advice you were seeking - but it is well intended.
0
 
LVL 84

Accepted Solution

by:
David Johnson, CD, MVP earned 900 total points
ID: 39240060
You need to redesign your software so that it follows the Microsoft Programming Best Practices. Architecture Guide

Power users Don't really exist.  One is an administrator or one is a standard user.  Admin for installation is fine and dandy. But you'd better come up with some really valid reasons why your program needs administrative access in order to run.  Perhaps the parts that require admin access should be placed in a service that can run as localsystem or networksystem.  

a program that accesses a sql server doesn't require administrative privileges..

Programming for a Standard User Channel 9 Video
0
 
LVL 49

Expert Comment

by:PortletPaul
ID: 39240093
:) glad someone provided the style of advice requested - but reverting to my more forward looking advice I wanted to add:

You are also (currently) using sql 2005 which is 2 major versions behind current (sql 2012); this situation won't hold forever in the marketplace either. I'd suggest that while addressing your client install might be a worthwhile tactical move, you also need to consider your "next generation" of product - and in that generation try to avoid client installs.

Cheers & good luck with the client installs :)
0
 

Author Closing Comment

by:Tairo
ID: 39244429
Thank you, Experts!
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows gives you an overview on SQL Server 2016 row level security. You will also get to know the usages of row-level-security and how it works
This article describes how to use a set of graphical playing cards to create a Draw Poker game in Excel or VB6.
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question