RE: Intranet zone full trust in vista
- From: wawang@xxxxxxxxxxxxxxxxxxxx (Walter Wang [MSFT])
- Date: Wed, 24 Jan 2007 03:26:50 GMT
Hi Bryan,
With UAC (User Account Control:
http://technet.microsoft.com/en-us/windowsvista/aa906021.aspx) turned on
(which is also the default setting), when an administrator logs on to a
computer, the system creates two different tokens
(http://www.pluralsight.com/wiki/default.aspx/Keith.GuideBook/WhatIsAToken.h
tml) representing the same logon session
(http://pluralsight.com/wiki/default.aspx/Keith.GuideBook/WhatIsALogonSessio
n.html). The first token grants all the permissions and privileges afforded
to the administrator while the second token is a restricted token, offering
far fewer permissions and pvivileges. The system then creates the shell
(explorer.exe) using the restricted token.
Setting .NET Code Access Security Policy will require administrative
privilege, and you will need elevation
(http://www.windowsecurity.com/articles/Understanding-User-Account-Control-V
ista.html) to launch the CAS tool with the unrestricted token.
Hope this helps. Please feel free to let me know if you need further
information.
Sincerely,
Walter Wang (wawang@xxxxxxxxxxxxxxxxxxxx, remove 'online.')
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications. If you are using Outlook Express, please make sure you clear the
check box "Tools/Options/Read: Get 300 headers at a time" to see your reply
promptly.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
.
- References:
- Intranet zone full trust in vista
- From: Bryan
- Intranet zone full trust in vista
- Prev by Date: .NET 2.0 Addins compatibility (KB907417) to pre-Office2003 versions
- Next by Date: Re: IP ping
- Previous by thread: Re: Intranet zone full trust in vista
- Next by thread: [Ann] Yet another Ajax Widgets library...
- Index(es):
Relevant Pages
|
