views:

302

answers:

3

Our application commonly used an ActiveX control to download and install our client on IE (XP and prior), however as our user base has drifted towards more Vista boxes with "Protected Mode" on, we are required to investigate.

So going forward, is it worth the headache of trying to use the protected mode API? Is this going to result in a deluge of dialog boxes and admin rights to do the things our app needs to do (write to some local file places, access some other applications, etc)?

I'm half bent on just adding a non-browser based installer app that will do the dirty work of downloading and installing the client, if need be... this would only need to be installed once and in large corporate structures it could be pushed out by IT.

Are there some other ideas I'm missing?

A: 

Have you checked out Microsoft's ClickOnce Deployment?

If I remember correctly you can embed a manifests which would help with dealing with protected modes automatically, saving you those headaches with the APIs.

I believe ClickOnce is geared for the same thing your ActiveX installer was designed to do.

Since you say your IT dept could push this out, I assume you could use this kind of technology as well.

Even though you might not be writing applications on the .NET CLR, you can use Visual Studio to generate those manifest and installers for you.

chakrit
+1  A: 

This client, is it a desktop application and not some software that runs inside the browser? In that case, please just supply a regular download installer application. My personal experience with browser-hosted installers is that they are just confusing and the few I have seen seemed to be poorly coded in some way.

If you use an MSI based installer I'm sure lots of Windows domain administrators will love you too, as Microsoft has tools to deploy MSI based installations onto large sets of machines remotely.

jfs
A: 

Its far better to do this right than put it off any longer. Vista is Microsoft's way of saying they aren't letting people get away with ignoring security issues any more and encouraging people to update their code.

I'm sure other users here will be able to point you are some MSDN best practices about writing ActiveX controls.

Nidonocu