Granting privileges to users in XP Pro

Mark Shaw

I've installed a program (Palm Desktop to be exact) that required
Administrator privileges for installation.

I can see it from the Start menu as Administrator, but not as a
user. Poking around, I've found a number of features that look
like they would grant execute privileges to users, but none of
them seem to work - I can't even SEE the program unless I'm
Administrator.

Rather than continue poking at it and possibly buggering something
up, I thought I should ask how to do this. Obviously this is going
to be a common enough thing....

Thanks!

(If responding by email, see below)
 
Bruce Chambers

Mark said:
I've installed a program (Palm Desktop to be exact) that required
Administrator privileges for installation.

I can see it from the Start menu as Administrator, but not as a
user. Poking around, I've found a number of features that look
like they would grant execute privileges to users, but none of
them seem to work - I can't even SEE the program unless I'm
Administrator.

Rather than continue poking at it and possibly buggering something
up, I thought I should ask how to do this. Obviously this is going
to be a common enough thing....

Thanks!

(If responding by email, see below)


This is quite common if the software was designed for Win9x/Me, or
if it was intended for WinNT/2K/XP, but was improperly designed. Quite
simply, the installation routine for this application doesn't "know"
how to handle individual user profiles, or the application tries to
make changes to "off-limits" sections of the registry. Quite often,
you can make this software available to other users by _copying_ the
Start Menu folder and Desktop folder shortcuts from the user profile
from which the software was installed in the corresponding folders in
the user profile(s) in which you'd like the software to be accessible.
If the application is something that can/should be made available to
all current and future users, copying the shortcuts into the
corresponding locations of the All Users profile will do the trick.

For some obscure reason, game developers in particular seem to not
understand WinXP's file security paradigm, and require even limited
users to have unnecessarily high privileges to protected systems
folders. For example, saved games are often stored in a sub-folder
under the game's folder within C:\Program Files - a place where no
inexperienced or limited user should have write permissions.

NOTE: This may not work if the software requires access to parts
of the hard drive and/or registry that are not normally accessible to
regular users. (This won't occur if the application was properly
written.) If this does prove to be the case, however, you're left
with two options: Either grant the necessary users appropriate higher
access privileges (either as Power Users or local administrators), or
replace the application with one that was properly designed
specifically for WinNT/2K/XP.

Some Programs Do Not Work If You Log On from Limited Account
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q307091

Additionally, here are a couple of tips suggested, in a reply to a
different post, by MS-MVP Kent W. England:

"If your game or application works with admin accounts, but not with
limited accounts, you can fix it to allow limited users to access the
program files folder with "change" capability rather than "read" which
is the default.

C:\>cacls "Program Files\appfolder" /e /t /p users:c

where "appfolder" is the folder where the application is installed.

If you wish to undo these changes, then run

C:\>cacls "Program Files\appfolder" /e /t /p users:r

If you still have a problem with running the program or saving
settings on limited accounts, you may need to change permissions on
the registry keys. Run regedit.exe and go to HKLM\Software\vendor\app,
where "vendor\app" is the key that the software vendor used for your
specific program. Change the permissions on this key to allow Users
full control."

Palm software, in particular, has always (well, at least since the
WinNT days) been problematical in this respect. For some obscure
reason, it seems like it has never been properly designed to operate
in a secure business environment and synchronize with a secure,
multi-user OS. To give your Palm software the functionality you need:

1) Log in as Administrator.
2) Add the normal user account(s) to the workstation's local
administrators group.

For each account that must use the Palm software:

3) Log out and log in using the normal user account.
4) Install and configure the Palm software.

When all account(s) have been configured:

5) Log out and log in as Administrator.
6) Remove the normal user account(s) from the workstation's local
administrators group.
7) Log out and log in using the normal user account(s).
8) Use the Palm software as desired.

--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
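
To review what the cacls and registry permission changes quoted in the reply above leave in place, the following PowerShell is an added example and not part of the thread. `appfolder` and `vendor\app` are the thread's own placeholders, and the function name `Get-BroadWriteAce` is hypothetical.

```powershell
# Added example (not from the thread): list ACEs that let limited accounts
# modify the application folder or its HKLM key.
# 'appfolder' and 'vendor\app' are the thread's placeholders, not real names.
$folder = Join-Path $env:ProgramFiles 'appfolder'
$regKey = 'HKLM:\Software\vendor\app'

# Well-known SIDs for groups that contain limited accounts.
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-4'      = 'INTERACTIVE'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

# Rights that allow changing content or the ACL itself.
$fsWrite  = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$regWrite = [int][System.Security.AccessControl.RegistryRights]'SetValue, CreateSubKey, Delete, ChangePermissions, TakeOwnership'
$generic  = 0x40000000 -bor 0x10000000   # GENERIC_WRITE, GENERIC_ALL

function Get-BroadWriteAce {
    param([string]$Path, [int]$WriteMask)
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $acl = Get-Acl -Path $Path
    # Ask for SIDs so the check does not depend on localized group names.
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        $sid = $ace.IdentityReference.Value
        if ($ace.AccessControlType -ne 'Allow' -or -not $broadSids.ContainsKey($sid)) { continue }
        # File and registry rules name the rights property differently.
        $rights = if ($ace -is [System.Security.AccessControl.FileSystemAccessRule]) { $ace.FileSystemRights } else { $ace.RegistryRights }
        if (([int]$rights -band ($WriteMask -bor $generic)) -ne 0) {
            [pscustomobject]@{
                Path = $Path; Principal = $broadSids[$sid]
                Rights = $rights; Inherited = $ace.IsInherited
            }
        }
    }
}

# Folder itself plus everything beneath it, matching the scope of cacls /t.
$items = @($folder) + @(Get-ChildItem -Path $folder -Recurse -Force | ForEach-Object { $_.FullName })
$findings = @($items | ForEach-Object { Get-BroadWriteAce $_ $fsWrite })
if (Test-Path $regKey) { $findings += @(Get-BroadWriteAce $regKey $regWrite) }
$findings | Sort-Object Path | Format-Table -AutoSize
```

An empty result means none of the listed groups holds write-type access; after the `users:c` command each file and subfolder is expected to appear with `Modify` for `BUILTIN\Users`.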
 
