Thank you very much!!! I tested it works.
Ravit
________________________________
From: Mike Dimmick [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 24, 2007 12:56 PM
To: Ravit Shapira; wix-users@lists.sourceforge.net
Subject: RE: [WiX-users] adding NEWORK SERVICE group with full control
permission
NETWORK SERVICE is not under the local computer authority but instead under NT
AUTHORITY. It has to be built using a well-known SID. The Windows Installer
built-in LockPermissions table does not know how to do this. WiX's extended
permissions feature, however, can.
For WiX v2, specify <Permission User="NetworkService" Domain="" Extended="yes"
/>.
For WiX v3, include the util namespace (i.e. add
xmlns:util="http://schemas.microsoft.com/wix/UtilExtension"; to the root
element) and specify <util:PermissionEx User="NetworkService" Domain="" />. You
must also compile and link with the WixUtilExtension extension.
Permission/@Domain can be omitted entirely, rather than an empty string, but
must be empty if specified.
For reference, the list of well-known security principals supported by WiX
extended permissions is:
Everyone
Administrators
LocalSystem
LocalService
NetworkService
AuthenticatedUser
Guests
CREATOR OWNER
INTERACTIVE
Users
For all of these, omit Domain or set it to the empty string.
There are actually 62 well-known SIDs listed in WinNT.h in the 2003 R2 SDK, but
some can be looked up using the conventional domain-relative technique, and
some are very uncommon.
--
Mike Dimmick
________________________________
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ravit Shapira
Sent: 24 May 2007 06:44
To: wix-users@lists.sourceforge.net
Subject: [WiX-users] adding NEWORK SERVICE group with full control permission
Hi,
I'm facing problems with adding a NETWORK SERVICE group to a folder in win2k3
machine with full control permissions.
I get a run time error when I configure the following:
<Component Id = "BusinessDirPermissions" Guid =
"436CF442-AD1F-4744-A7A7-D2ECC3FB5875">
<CreateFolder Directory="D_BUSINESS_ROOT">
<Permission User="Network Service" Domain="[COMPUTERNAME]"
GenericRead="yes" GenericExecute="yes"/>
</CreateFolder>
</Component>
The run time error says that Netwrok Service is not a valid user or group. How
can I solve this problem?
When I tried to use the name 'Everyone' instead of NETWORK SERVICE I get no
error, but when I change the name to NETWORK SERVICE I get a run time error.
The following code works for 'Everyone' group:
<CreateFolder Directory="D_ADDRESS_ROOT">
<Permission ChangePermission="yes" GenericAll="yes" User="Everyone"
CreateFile="yes" Extended="yes"/>
</CreateFolder>
Thank you in advance,
Ravit
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
WiX-users mailing list
WiX-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wix-users
