App start .cmd file, security warning calling regedit.exe only on some machines

M

mdlueck

Sr. Application Developer
Local time
Today, 18:02
Joined
Jun 23, 2011
Messages
2,650
Greetings,

I rolled my own Access application startup script in Windows NT Command Script (NT Batch .cmd file) language.

On one machine, I see a security warning that the script is going to run Regedit.exe... setting registry settings so that the Access application will work properly and not display security nonsense messages.

I checked with IT about the difference. Their answer is that both machines were imaged the same way... between my test machine and this one which was upgraded today.

So, any suggestions what might the difference be issuing this from a .CMD file?
Code: 
REM Now merge in the dynamically created registry file
RegEdit.exe /S %XYZRegFile%
Does anyone know something I can set on the workstation during initial application software deployment that would prevent this type of warning from popping each time the application is launched via the desktop shortcut? I apologize for not being able to provide a screen shot of the security warning message, Win7 kindly refused to capture a screen shot to the Windows clipboard... "security risk" no doubt... :confused:
 
2 machines being imaged the same way does not mean they are still currently the same. It sounds like UAC was turned off on one of the machines.
 
DJkarl said:
2 machines being imaged the same way does not mean they are still currently the same. It sounds like UAC was turned off on one of the machines.
Click to expand...

So far I have checked three Win7 machines. Only this one machine is popping the security prompt. Mine and one other do not. So, we are correct, this third/new machine is in error! :p

What do you specifically mean by the bolded bit? How/what to check?
 
On my Win7 test machine, the slider is all the way to the top / default / always notify. Yet I am seeing no warning when RegEdit is about to make changes to the registry. Probably all accounts provisioned by IT have the slider at the top / default / always notify.

What else could be different between these Win7 machines?
 
Individual permissions maybe? Are you part of a power user or admin group, or are they part of a different user group?
 
I have my test account locked down as best I can... I have made it a member of the local Guest group. I want to be sure my application will deploy / run without error no matter what.

Initially my account (domain account, workstation permissions of) had Admin permissions. I issued these commands to create a workstation admin account:

Code: 
  C:\> NET USER Fandango password /ADD /EXPIRES:NEVER
  C:\> NET LOCALGROUP Administrators Fandango /ADD
Then I logged into that local admin account and adjusted the workstation permissions of my domain account down to Guest, then started application testing... deploying the software, etc... and no security messages appeared for me.

I understand IT is rolling out new machines with local Administrator permissions, so they probably have local admin.
 
Bump... any ideas?

Logged in with my domain account, local group permissions is User group, and the notify slider is all the way to the top indicating "always notify", I get no notification when RegEdit executes in the NT batch file. (No prompt is what I want to achieve.)
 
You must log in or register to reply here.

Similar threads

isladogs
  • Locked
A 'Kiosk' Style Access App
Replies
0
Views
3,343
isladogs
isladogs
Solo712
Are Global Variables Really that bad ?
2 3 4
Replies
65
Views
14,841
gemma-the-husky
gemma-the-husky
J
Access 2003 Developed Application Not Running Properly on Access 2007/2010 Runtime
Replies
2
Views
2,630
mdlueck
M
A
Problem installing Access 2000 runtime on Windows 7
Replies
5
Views
17,315
AccessJay
A
C
Open file in VBA without a warning message
Replies
1
Views
5,246
CBrighton
C

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Back
Top Bottom