797b7557ad71a61ffb72a68f4457a3d999e7e252 2428 |
|
18-Jul-2007 |
jvergara |
Fix for issue 1603 (quickInstall fails to register service on vista)
With the new user access control of Vista, even if we are administrators we are not allowed to do certain operations (such as writing in the service registry) in some circumstances. For instance if we launch net start <service_name> from a normal command prompt this will fail systematically. In order to be able to execute these "privileged" operations we have different alternatives:
Execute the binary that will do the operations using the "Run as Administrator" option in Vista (or launching them from a command prompt that has been started using that same option).
Add a manifest to the binary informing that the binary requires administrator privileges.
The first alternative is one of the workarounds for the bug, however it does not apply to the case of the Java Web Start Installer.
The second alternative is in what consists the bug fix. A new binary has been created. This binary has a manifest informing that it requires administrator privileges. This binary will be used in Vista as a wrapper to call operations that require administrator privileges (modifying the registry in windows-services.bat command line and calling "net start" and "net stop").
If the user is running the setup, the status-panel using the "Run as Administrator" option or is using the command lines from a command prompt launched with that option the behavior in Vista does not change with the behavior in previous versions of Windows.
If the UAC is enabled and the user is not using the "Run as Administrator" options, (s)he will be prompted for confirmation each time the registry is modified and the server is started or stopped as a service. The wrapper is called on any of the individual operations. An alternative would be to call the wrapper when we launch the setup or the status-panel but this generates some issues:
1. This does not work (directly) with the Java Web Start installer.
2. This would force users that are not administrators to provide administrator credentials even to install/run an OpenDS that does not require to do privileged operations (an OpenDS that does not run as a service). |