|
dev
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Allow Click-Once app run by Non-Admin user to log in event logapps are writting in the event log, if the user is a local ADMIN. but for non-admin users, our apps are unable to write to any event log. how to allow a click once apps to write in an event log for non-admin user? Here's our code: if (!EventLog.SourceExists("Enterprise Library Logging")) { EventLog.CreateEventSource("Enterprise Library Logging", "UAP"); } EventLog elog = new EventLog(); elog.Log = "UAP"; elog.Source = Application.ProductName; elog.MaximumKilobytes = 102400; // Comme les autres EVENT LOG. elog.WriteEntry("App STARTED", EventLogEntryType.Information); elog.Close(); Hi SHEBERT,
When a ClickOnce application is installed on a client machine, the application files are downloaded to the current user location(%userprofile%\AppData\Local) and the ClickOnce application only runs on behalf of the current user. Because these applications and their state reside in a per-user location they are not protected and are subject to tampering by the user or by code running on behalf of the user. As a result any application which requests admin elevation can be exploited to run code to which the user has not given explicit consent. This exploit constitutes a privilege elevation security attack. That's to say, ClickOnce doesn't support admin elevation. You should always install and run the ClickOnce application requiring administrator privilege under an administrator account. Hope this helps. If you have any concern, please feel free to let me know. Sincerely, Linda Liu Microsoft Online Community Support ================================================== Get notification to my posts through email? Please refer to http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif ications. Note: The MSDN Managed Newsgroup support offering is for non-urgent issues where an initial response from the community or a Microsoft Support Engineer within 1 business day is acceptable. Please note that each follow up response may take approximately 2 business days as the support professional working with you may need further investigation to reach the most efficient resolution. The offering is not appropriate for situations that require urgent, real-time or phone-based interactions or complex project analysis and dump analysis issues. Issues of this nature are best handled working with a dedicated Microsoft Support Engineer by contacting Microsoft Customer Support Services (CSS) at http://msdn.microsoft.com/subscriptions/support/default.aspx. ================================================== This posting is provided "AS IS" with no warranties, and confers no rights. Are you saying that loggin in an event log require "admin elevation" ?
The app doesn't have to create the event log, I understand that you need admin rights for that, but i need the app to LOG in the event log. I did a VB6 program and it did log fine in the log event under a non-admin account. why can a click-once can't write in an event log under a non-admin account? Show quote "Linda Liu[MSFT]" wrote: > Hi SHEBERT, > > When a ClickOnce application is installed on a client machine, the > application files are downloaded to the current user > location(%userprofile%\AppData\Local) and the ClickOnce application only > runs on behalf of the current user. > > Because these applications and their state reside in a per-user location > they are not protected and are subject to tampering by the user or by code > running on behalf of the user. As a result any application which requests > admin elevation can be exploited to run code to which the user has not > given explicit consent. This exploit constitutes a privilege elevation > security attack. > > That's to say, ClickOnce doesn't support admin elevation. You should always > install and run the ClickOnce application requiring administrator privilege > under an administrator account. > > Hope this helps. > If you have any concern, please feel free to let me know. > > Sincerely, > Linda Liu > Microsoft Online Community Support > > ================================================== > Get notification to my posts through email? Please refer to > http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif > ications. > > Note: The MSDN Managed Newsgroup support offering is for non-urgent issues > where an initial response from the community or a Microsoft Support > Engineer within 1 business day is acceptable. Please note that each follow > up response may take approximately 2 business days as the support > professional working with you may need further investigation to reach the > most efficient resolution. The offering is not appropriate for situations > that require urgent, real-time or phone-based interactions or complex > project analysis and dump analysis issues. Issues of this nature are best > handled working with a dedicated Microsoft Support Engineer by contacting > Microsoft Customer Support Services (CSS) at > http://msdn.microsoft.com/subscriptions/support/default.aspx. > ================================================== > > This posting is provided "AS IS" with no warranties, and confers no rights. > > Hi SHEBERT,
Thank you for your prompt reply! > Are you saying that loggin in an event log require "admin elevation" ? Sorry that I didn't explain clearly in my first reply. No, logging an entry in the existing event log does not require administrative rights, but both creating a new event source and setting the MaximumKilobytes property of the EventLog object does reuire administrative rights. If a ClickOnce application doesn't require administrative rights, it can be installed and run under a non-admin account properly without any problem. Hope this helps. If you have any question, please feel free to let me know. Sincerely, Linda Liu Microsoft Online Community Support Hi SHEBERT,
How about the problem now? If you have any question, please feel free to let me know. Thank you for using our MSDN Managed Newsgroup Support Service! Sincerely, Linda Liu Microsoft Online Community Support I will have to investigate this more, but it seems that I can’t log in an
event log with a non-admin account with the pc (Windows 2000 SP4) I was doing my test. I tried on an XP and even another Windows 2000 PC and I could with the same app. Show quote "Linda Liu[MSFT]" wrote: > Hi SHEBERT, > > How about the problem now? > > If you have any question, please feel free to let me know. > > Thank you for using our MSDN Managed Newsgroup Support Service! > > Sincerely, > Linda Liu > Microsoft Online Community Support > > Hi SHEBERT,
How about the problem now? If the problem is still not resolved, please feel free to let me know. Thank you for using our MSDN Managed Newsgroup Support Service! Sincerely, Linda Liu Microsoft Online Community Support  |
|||||||||||||||||||||||
Other interesting topics