Vista - RegCreateKeyEx

RegCreateKeyEx always fails on Vista 64-bit. The error code is 5. Does
anyone know what is necessary to allow Reg Key creation on Vista 64?

What registry key are you trying to create?


--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/

Anything under HKLM or KHCR. For example:
lRet = RegCreateKeyEx ( HKEY_CLASSES_ROOT, pszServerName, 0, NULL,
REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hKey, &dwDispos ) ;


"Jimmy Brush" wrote:

> What registry key are you trying to create?
>
>
> --
> - JB
>
> Windows Vista Support Faq
> http://www.jimmah.com/vista/

In Windows Vista, your program runs as a standard ("limited") user, even
when the user is logged in as an administrator.

If your program is compiled to a 64-bit executable and runs on a 64-bit
system, and you try to create/modify a registry key outside of HKCU, you
will get an access denied error.

If your program is compiled to a 32-bit executable, Windows will "redirect"
all of your illegal registry writes to HKCU, most likely causing your
application to misbehave, since it believes it is changing system settings
when it really isn't.

If your application MUST write to these registry keys, for example as an
installer or whatnot, you will need to add a manifest to your application
that instructs Windows to ask the user for permission to run the program
with administrator privileges. This will allow your program to write to
these registry areas, at the price of making the user give permission to
allow your program to run every time. Here's more info on that:

http://msdn.microsoft.com/windowsvis...cProtVista.asp
http://www.microsoft.com/whdc/winlogo/LH_logo.mspx

However, if your application does not have a good reason for writing to
these registry areas, it should be modified to write to HKCU instead.


--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/

Hello Mr. Brush,

In another thread, your recommended that in order to circumvent the vista
permissions dialogs that they build their .net application with a manifest in
a particular way.

I replied to your response but am not sure it was sent out as I cannot find
it now!

So may I ask it here?

How would I do the equivalent from C++?

thanks!


--
Thanks so much,

george

_________________________
George S. Lockwood
Lead Client Developer
peoplePC, an EarthLink company



"Jimmy Brush" wrote:

> What registry key are you trying to create?
>
>
> --
> - JB
>
> Windows Vista Support Faq
> http://www.jimmah.com/vista/

Hi Jimmy,

> If your program is compiled to a 32-bit executable, Windows will
> "redirect" all of your illegal registry writes to HKCU, most likely
> causing your application to misbehave, since it believes it is changing
> system settings when it really isn't.

How can we turn off the 32bit redirect feature, so it just says "Access
Denied"?

--
Gerry Hickman (London UK)

Hello,

This can be done via group policy.

- Click start
- Type: local security policy
- Expand local policies in the left
- Click security options
- Double-click "User account control: Virtualize file and registry write
failures to per-user locations"
- Click Disabled
- Click OK

This will affect all applications running on that computer.

This will greatly affect application compatability ... There are a lot of
programs that rely on being able to write to off-limits folders and registry
keys

However, if all the applications you use do not need this compatability
feature, I do recommend turning it off because of the problems it can cause.

--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/

Hi Jimmy,

> This can be done via group policy.

<snip>

> - Double-click "User account control: Virtualize file and registry write
> failures to per-user locations"
> - Click Disabled

> This will affect all applications running on that computer.

OK, this is cool!

> This will greatly affect application compatability ... There are a lot
> of programs that rely on being able to write to off-limits folders and
> registry keys
>
> However, if all the applications you use do not need this compatability
> feature, I do recommend turning it off because of the problems it can
> cause.

Well I don't know the answer yet, but surely you are supposed to
_install_ programs with Admin rights (in the middle of the night) and
then the users _run_ them with user rights (during the day). That's how
I've been doing it since year 2000. The way I see it, this registry
re-direction is a WEAKENING of security. If a virus wants to write to
HKLM is should say "Access Denied", not re-direct it!

--
Gerry Hickman (London UK)

> Well I don't know the answer yet, but surely you are supposed to _install_
> programs with Admin rights (in the middle of the night) and then the users
> _run_ them with user rights (during the day). That's how I've been doing
> it since year 2000. The way I see it, this registry re-direction is a
> WEAKENING of security. If a virus wants to write to HKLM is should say
> "Access Denied", not re-direct it!

I agree with you. However, thousands of application developers don't seem to
get it


--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/

Hi Jimmy,

>> Well I don't know the answer yet, but surely you are supposed to
>> _install_ programs with Admin rights (in the middle of the night) and
>> then the users _run_ them with user rights (during the day). That's
>> how I've been doing it since year 2000. The way I see it, this
>> registry re-direction is a WEAKENING of security. If a virus wants to
>> write to HKLM is should say "Access Denied", not re-direct it!
>
> I agree with you. However, thousands of application developers don't
> seem to get it

Can you name any well-known applications that "don't get it"?

--
Gerry Hickman (London UK)