views:

703

answers:

5

I made an updater which silently runs in XP and works just fine. But when it comes to Vista, the idea of silent installation gets ruined when UAC prompts the user to cancel or allow the user from running the program.

Is there anything at all we can do about this?

Thanks...

A: 

Unfortunately there's no way around this. UAC is actually intended specifically to prevent this type of thing where programs install software or make changes to the machine without the user's awarness.

Paul Alexander
It does make sense. That's right... I was just wondering though. The script I made was suppose to bypass UAC prompts. As a "user" it did bypass it, but as an admin, it didn't.
Owen
Yeah, that is the intended behavior of UAC in Vista...and in Windows 7. Dealing with UAC is tough but the best solution is really to be upfront with the user about changes - then the prompt is meaningless.
Paul Alexander
A: 

This is effectively a side effect of UAC and user permissions. From a security perspective, it does make sense.

If this is something you need to do, you should look to implement a system that is designed to run patching and deployments with elevated permissions. Microsoft's own Systems Management Server would do the trick, but is obviously quite a large scale solution!

You can read about it here.

Nick
Yes, I did add vista elevations within the script which made the silent installer work, but only as a user. As an admin, it gives an UAC prompt then silently installs. I checked the link you gave me, this maybe the last option... I think... Thanks...
Owen
A: 

UAC for non-MSI installs is a bit of a grey area, with signed MSI packages things get much easier and less confusing for the user.

You might want to take a look at Clickonce Deployment which may solve some of your problems.

sascha
A: 

Actually, it is possible, under very preconceived circumstances. Specifically, "service" can launch an installer, in a user session, with full privileges and bypass UAC prompting (already has it).

Of course this requires your user to have already installed your service, which DOES require Admin approval.

A: 

I know this post is old... 4 months to be exact. But Actually, yes it is VERY VERY possible. I wish to correct the people above.

Just add this line to your NSIS script.

RequestExecutionLevel user

This line tells Windows Vista and Windows 7 that this program does not require administrative access, which Vista/7 thinks.