Categories
Quicksearch
Sponsored Links
Currently...
Reading:
Haruki Murakami: Blind Willow, Sleeping Woman
Listening to:
Moby
(Hotel)
Playing:
Supreme Commander
Watching:
New Tricks
Syndicate This Blog
Powered by
Monday, July 10. 2006
Making the jump to LUA
We recently decided to switch users in our department to LUA, which unfortunately has nothing to do with a trip to Hawaii. LUA stands for Limited (or Least privileged) User Account and basically means that you are no longer running Windows using an administrator-level account. While this greatly increases your security, especially while browsing the Internet, it is not without problems. It seemed sensible to switch my own account first before telling everyone else to do it, and immediately I ran into an obscure problem that did not seem to exist on Google yet (or I used the wrong search terms), so hopefully this will help somebody who is trying to make the same jump.
Lots of great information about LUA can be found on Aaron Margosis' WebLog and on the noadmin site.
My user profile
After removing my account from the local Administrators group, I logged out and back in and was presented with a Windows 2000-style taskbar without any custom toolbars and my desktop icons all neatly arranged by filename. The taskbar itself was permanently locked. I tried switching back to the XP theme, which worked, at least until I logged out again. Aha! Seems like the desktop settings are not being saved. Fast forward two or three hours and I know the culprit - my now least privileged account is no longer allowed to write to its own HKEY_CURRENT_USER tree in the registry. After another hour I figured out how to fix the problem: Put the account back in the Administrators group, run regedit, find the user in the HKEY_USERS branch, add the account to the permissions list and give it full control, remove the account from the Administrators group and log out and back in.
MSN Messenger
After my account seemed to be working again, MSN Messenger 7.5 was non-functional. When trying to log in, I got a 80048883 error, which does not seem to be at all uncommon.
Downloading the DLL file that is advertised on many of the web sites did not work for me, so I upgraded to the latest version, Windows Live Messenger. Problem solved.
I have not had the guts to start up Visual Studio to see what will happen. Stay tuned.
Lots of great information about LUA can be found on Aaron Margosis' WebLog and on the noadmin site.
My user profile
After removing my account from the local Administrators group, I logged out and back in and was presented with a Windows 2000-style taskbar without any custom toolbars and my desktop icons all neatly arranged by filename. The taskbar itself was permanently locked. I tried switching back to the XP theme, which worked, at least until I logged out again. Aha! Seems like the desktop settings are not being saved. Fast forward two or three hours and I know the culprit - my now least privileged account is no longer allowed to write to its own HKEY_CURRENT_USER tree in the registry. After another hour I figured out how to fix the problem: Put the account back in the Administrators group, run regedit, find the user in the HKEY_USERS branch, add the account to the permissions list and give it full control, remove the account from the Administrators group and log out and back in.
MSN Messenger
After my account seemed to be working again, MSN Messenger 7.5 was non-functional. When trying to log in, I got a 80048883 error, which does not seem to be at all uncommon.
Downloading the DLL file that is advertised on many of the web sites did not work for me, so I upgraded to the latest version, Windows Live Messenger. Problem solved.
I have not had the guts to start up Visual Studio to see what will happen. Stay tuned.
Trackbacks
Trackback specific URI for this entry
No Trackbacks
Sponsors
My del.icio.us
- Swing Design
- Jokes on M B A
- Google advisor
- Quest - Make text adventure games without programming
- Financial Modelling in Python > Welcome to Python - Pg. 1: Safari Books Online
- Python Testing > Testing for Fun and Profit - Pg. 7: Safari Books Online
- Simon Tatham's Portable Puzzle Collection
- Clean Coder
- Git setup niceties
- IF Game Testing
