Arrrggghh!!! Permissions

bern · Joined: Mar 12, 2007 Posts: 1464 Location: ann arbor

I recently bought my second Vista machine. The other one is my presentation laptop, and I rarely do work on it.

I just bought a 64 bit vista machine, and am in the process of making it usable for real work. The little requesters that come up whenever you want to do something were a minor nuisance on the first machine. But they are a major headache on this one. But I was tolerating it until I tried to save a file in the Windows folder. I was not allowed. I tried changing permissions and was still not allowed. I am the OWNER and ADMINISTRATOR, for God's sake!!! I know Doc and others here have mentioned how to get out of this situation, but I didn't listen at the time, and now I can't find the messages. Can anybody tell me how I can have access to EVERYTHING on my machine?

goretsky · Posted: Tue Apr 21, 2009 3:46 am Post subject:

Hello,

You can, of course, disable U A C under Microsoft Windows Vista, however, perhaps it would be more secure to install the program to the C:\Program Files\ or C:\Program Files (x86)\ directory instead of copying it to the C:\WINDOWS\ directory. This way you will not have to reduce the operating system's security.

Regards,

Aryeh Goretsky

bern · Joined: Mar 12, 2007 Posts: 1464 Location: ann arbor

drwho07 · Joined: Nov 29, 2007 Posts: 1629 Location: Central FL, USA

Isn't that a pain in the drain?

If the builder, owner, installer of Windows and sole operator of a PC doesn't have Permission to work with the files on that PC, who on Earth does?

MS is really crapping in their own nest, by putting out such a restrictive OS.
I'm currently testing Windows 7, build 7077 , on another HD and it's no better.
Actually it's worse!!!!!

First off GET RID of that obnoxious UAC!
I use a script for that....a lot faster than trying to find the proper place to do it manually. Here's the script:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=dword:00000000

Just copy the blue lines and paste them into a "Notepad" document (NOT Wordpad) and save the file as "DisableUAC.reg"

Then you need another script to allow you to "Take Ownership" of any file or folder in Vista (or Windows 7 )
Running this script, will put the "Take Ownership" option in your Right Click Context menu (drop down menu).

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\*\shell\runas]
@="Take Ownership"
"NoWorkingDirectory"=""

[HKEY_CLASSES_ROOT\*\shell\runas\command]
@="cmd.exe /c takeown /f \"%1\" && icacls \"%1\" /grant administrators:F"
"IsolatedCommand"="cmd.exe /c takeown /f \"%1\" && icacls \"%1\" /grant administrators:F"

[HKEY_CLASSES_ROOT\Directory\shell\runas]
@="Take Ownership"
"NoWorkingDirectory"=""

[HKEY_CLASSES_ROOT\Directory\shell\runas\command]
@="cmd.exe /c takeown /f \"%1\" /r /d y && icacls \"%1\" /grant administrators:F /t"
"IsolatedCommand"="cmd.exe /c takeown /f \"%1\" /r /d y && icacls \"%1\" /grant administrators:F /t"

Again, copy and paste the above blue lines into a Notepad doc and save as,
Take Ownership.reg

After running this file (once) reboot and you will then be able to right click on any folder or file and "Take Ownership" of it.

After running this .reg script, I promptly took ownership of my personal folder, both Program Files folders and of course the Windows folder.
The process works one file at a time, so it takes a few minutes for it to finish on the larger folders like Windows. OK?

While we're at it, lets turn ON 'View Hidden Files'.
If you've not already found out how to do this in Windows, here's a little Visual Basic Script that can toggle Hidden Files ON or OFF.

' Script to toggle Windows Explorer display of hidden files,
' super-hidden files, and file name extensions

Option Explicit
Dim dblHiddenData, strHiddenKey, strSuperHiddenKey, strFileExtKey
Dim strKey, WshShell
On Error Resume Next

strKey = "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
strHiddenKey = strKey & "\Hidden"
strSuperHiddenKey = strKey & "\ShowSuperHidden"
strFileExtKey = strKey & "\HideFileExt"

Set WshShell = WScript.CreateObject("WScript.Shell")
dblHiddenData = WshShell.RegRead(strHiddenKey)

If dblHiddenData = 2 Then
WshShell.RegWrite strHiddenKey, 1, "REG_DWORD"
WshShell.RegWrite strSuperHiddenKey, 1, "REG_DWORD"
WshShell.RegWrite strFileExtKey, 0, "REG_DWORD"
WScript.Echo "Windows Explorer will show hidden files and file " & _
"name extensions. You might need to change to another folder " & _
"or press F5 to refresh the view for the change to take effect."

Else
WshShell.RegWrite strHiddenKey, 2, "REG_DWORD"
WshShell.RegWrite strSuperHiddenKey, 0, "REG_DWORD"
WshShell.RegWrite strFileExtKey, 1, "REG_DWORD"
WScript.Echo "Windows Explorer will not show hidden files or file " & _
"name extensions. (These are the default settings.) You might " & _
"need to change to another folder or press F5 to refresh the " & _
"view for the change to take effect."

End If

Again, copy and paste the red lines above into Notepad and save the file as:
ToggleHiddenFiles.vbs

These are just a few of the things I do when setting up a new PC with Vista.
(32 or 64 )

It's a shame that MS makes us jump thru all these hoops to just run our own PC's , but thanks to some great hackers, we have these great little scripts to help us out.

I'll be combining the 'Disable UAC' script and the 'Take Ownership' script to facilitate faster execution/installation. I can't see me wanting to use just one and not the other.

I hope this helps you out.

Good Luck!

The Doctor Cool

bern · Joined: Mar 12, 2007 Posts: 1464 Location: ann arbor

zlim · Joined: Mar 11, 2005 Posts: 2657

Actually, if MS wanted to make it easy, I think they should have figured out how to do it. There is nothing wrong with operating in normal user mode - people running linux do it this way all the time. When I want to install something in linux and can't, I'm told I don't have permission and linux gives me a popup box where I type in the elevated user's(aka administrator in windows-speak) password. It is not big deal and I can't install or run something I didn't intend to because I have to type in the password and make a conscious decision to allow the action. Since MS obviously has the popup box figured out, surely they could have figured out a popup for the admin password that would let you do what you want on your personal computer!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Don't take my post to mean run linux instead of windows. That wasn't my intent. Each OS has its strengths and weaknesses. I run both windows and linux and use the OS that is best for what I want to do.

PhotoCarp · Joined: Sep 06, 2007 Posts: 130

drwho07 · Joined: Nov 29, 2007 Posts: 1629 Location: Central FL, USA

WELL, start off with what I've already posted and we'll get to the rest later. OK? Wink

When Win-7 first installs, everything you will need is not as obvious or available as it was in XP. XP was a dream, by comparison.
Many every day settings are virtually Hidden, in Win-7.

It actually took me several days of peeking and poking and hours on the Windows7 forum to find out how to do the most basic chores.

My conclusion is that I'm going to be looking for a lot more batch files and scripts to set up Win-7. So far, I'm just scratching the surface.

But then, the final version of Win-7 isn't out yet, so who knows how much better or worse the final version will be. Right now, we're just TESTING.

That little "Take Ownership" script has helped me more than anything!

With it, I was able to Take Ownership of all the files in the WinMail folder and delete all the files and then copy the files from Vista and get Windows mail working on Win-7. For some idiotic reason, MS has disabled WinMail in win-7, at least in the Beta Test versions

Doc Cool

mcoolbeth · Joined: Sep 10, 2004 Posts: 8

To show hidden files and folders in Vista, open Windows Explorer, click on 'Organize' then click on 'Folder and Search Options' Click on the 'View' tab and you will see the option to 'Show hidden files and folders'

DrgnAK · Joined: Apr 24, 2009 Posts: 1

It's not UAC, it's not a registry hack, and it's not hidden files. drwho07 is the closest.

There is a command you can use called takeown, which will give you ownership of a file or directory, and cacls, which will give you permissions to write to a file. If you just want write access to the WINDOWS folder, then open up the command prompt (start menu, type cmd) and enter "takeown /f X:\Windows\" without the quotations. (X corresponding to the appropriate drive letter). To look up more options like recursion to give yourself ownership of a folder and all of it's subfolders and files, just type in "takeown /?" to get a list. Then, use cacls to modify the permissions "cacls C:\Windows\ /G USERNAME:F" (replace USERNAME with yours), in our case.

They are hidden from the normal user as it's main purpose was to give ownership to a file and to give/take permissions to a file, thus removing security if used wrong. To put it simply, normal users don't need it at all, and improper use will lead to a more vulnerable system as programs are able to write to your system directories. It is documented, however, and system administrators and others of the profession have known about it since before Vista was released.

Use with care.

tbernstein · Joined: May 16, 2003 Posts: 1583 Location: London

Underlying an awful lot of the irritiation around this is the use of virtual folders in the "documents and settings" folder. With the true location disguised.
Or to put it another way, burying data folders inside system folders, then giving indirect access to them.
I don't want indirect access to my data. I want direct access. And if the folder is called "my documents" I want it to be where want to put my documents. Ditto photos. and of course "Cd burning".
I want direct,straight forward access to my data., my settings and my own computer,when I need it.

drwho07 · Joined: Nov 29, 2007 Posts: 1629 Location: Central FL, USA

Rots O Ruck!

For some unknown and insidious reason, MS has decided that the USER of Windows is too stupid to manage their own computer, so they hide everything, under layers of "Permissions".

That's like buying a new $40K car and you want to open the hood and take a look at that new engine, but the hood is locked and only a factory tech can open it.
ARRRRRRRRGH!!!!

I'm developing my own Library of batch files and registry scripts to allow me to do all the things I need to do, to set up a new PC with Vista, or someday Win-7.

Cheers Mates!
The Doctor Cool

tbernstein · Joined: May 16, 2003 Posts: 1583 Location: London

it's more like they have a padlocked space with a big label that says "Engine", but when you finally manage to look inside it you find that the engine is really somewhere else, which is also hidden deep inside another locked box, etc etc

pasquanel · Joined: Jun 20, 2005 Posts: 510 Location: Maine

I found this to be quite simple Cool

drwho07 · Joined: Nov 29, 2007 Posts: 1629 Location: Central FL, USA

Pasq......

Does that mean that you found the engine?

Moving On:

Years ago, like in ancient history, I had sheet after sheet of printed instructions on how to set up this or that. Like the long winded explanation above on how to take ownership of a file. Who can remember all those commands, or wants to sit at a keyboard for minutes or hours typing all that stuff in, day after day, on dozens or even hundreds of computers.
And, that was just one tweak. There are Many More involved with setting up a new PC.

Make a batch file or script to do the repetitive jobs, just once, verify that you've made no typographical errors and then all you have to do is run the script, which only takes a second or two to run and be done with that process and move on to the next one.

If I had to type in everything I do to set up a new PC with Vista (or someday Win-7 ) a typical setup would take a whole day.
At least for this old tech, that would be pretty time consuming, at the very least.

If I do some tweak on my own PC and think that I might ever want to do that for my customers, I write it into a batch file, VB-Script or a Reg-Script so I can repeat it later without ever having to type it in again.

Just a suggestion

Doc Cool