http://blogs.msdn.com/b/cjacks/archive/2007/06/21/deploying-standard-user-analyzer-sua-mitigations-enterprise-wide.aspxIn an earlier entry I discussed the mitigation feature of Standard User Analyzer. This is useful for testing the fixes to see if they work for you, but if they do, what happens next? Typically, you want to deploy those fixes across an organization onceen-USTelligent Evolution Platform Developer Build (Build: 5.6.50428.7875)http://blogs.msdn.com/b/cjacks/archive/2007/06/21/deploying-standard-user-analyzer-sua-mitigations-enterprise-wide.aspx#7929109Thu, 28 Feb 2008 07:50:31 GMT91d46819-8472-40ad-a661-2c78acb4018c:7929109Chris Jackson - MSFT<p>Jesse Proulx - virt is identical, domain or no. It's just a file system filter driver. I'd make sure you don't have virt turned off as part of group policy on the domain. You talk about SUA and SDBs which is separate from virtualization. However, shims also work the same, assuming you haven't turned off the shim engine via group policy on the domain.</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=7929109" width="1" height="1">http://blogs.msdn.com/b/cjacks/archive/2007/06/21/deploying-standard-user-analyzer-sua-mitigations-enterprise-wide.aspx#7906753Tue, 26 Feb 2008 20:02:20 GMT91d46819-8472-40ad-a661-2c78acb4018c:7906753Jesse Proulx<p>Does the virtualization done by UAC behave diffrently in a domain envirement? Its always seems like we have compatibility issues that force us to have users run applications as local admins when the same software run perfectly on my computer that isnt in the domain as a standard user. I have managed to run SUA on my computer to make custom sdb's that would fix these problems sometimes. however more often than not it seems that the UAC is just not virtualizing right in a domain envirement.</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=7906753" width="1" height="1">http://blogs.msdn.com/b/cjacks/archive/2007/06/21/deploying-standard-user-analyzer-sua-mitigations-enterprise-wide.aspx#6872402Thu, 27 Dec 2007 00:14:19 GMT91d46819-8472-40ad-a661-2c78acb4018c:6872402Chris Jackson - MSFT<p>Supriya,</p> <p>The symbol path is useful when you have a developer examinging the application to change the code to fix the application. If the application is written in native code, the symbols will allow you to translate between wherever in memory the application code is at the moment, and the exact method in the code that requires elevated privileges, so they can go straight there in the code to make the change. If symbols are already configured, SUA will pick them up. For non-developers, this is less interesting.</p> <p>Stack traces are how you spot all of the functions that are currently being called by the application. This, in combination with symbols, tells you not only where you are in the code, but how you got there. Perhaps there is only a LUA Bug when you call a certain function from one place, but not from others - the stack trace can help you find that.</p> <p>As for what is new in SUA, I list some of the features in my post here: <a rel="nofollow" target="_new" href="http://blogs.msdn.com/cjacks/archive/2007/11/13/announcing-the-application-compatibility-toolkit-5-0-2.aspx">http://blogs.msdn.com/cjacks/archive/2007/11/13/announcing-the-application-compatibility-toolkit-5-0-2.aspx</a></p> <p>Thanks,</p> <p>Chris</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=6872402" width="1" height="1">http://blogs.msdn.com/b/cjacks/archive/2007/06/21/deploying-standard-user-analyzer-sua-mitigations-enterprise-wide.aspx#6823380Fri, 21 Dec 2007 05:42:13 GMT91d46819-8472-40ad-a661-2c78acb4018c:6823380Supriya<p>What are the new features and functionalities in SUA?</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=6823380" width="1" height="1">http://blogs.msdn.com/b/cjacks/archive/2007/06/21/deploying-standard-user-analyzer-sua-mitigations-enterprise-wide.aspx#6823359Fri, 21 Dec 2007 05:40:06 GMT91d46819-8472-40ad-a661-2c78acb4018c:6823359Supriya<p>What is the use of symbol path in SUA? While launching the application through SUA the symbol path which comes automatically,is that the defauly symbol path or should we give a path?</p> <p>What is a Stack trace?How it is useful in SUA?</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=6823359" width="1" height="1">http://blogs.msdn.com/b/cjacks/archive/2007/06/21/deploying-standard-user-analyzer-sua-mitigations-enterprise-wide.aspx#4157962Wed, 01 Aug 2007 04:36:30 GMT91d46819-8472-40ad-a661-2c78acb4018c:4157962Chris Jackson - MSFT<p>It's not tied to the installer at all - it's just applied to the file system directly and immediately.</p> <p>Of course, if uninstalling it deletes the directory that had its ACL changed, then I suppose it would be reverted to normal by virtue of how that works, but if it modified something higher up than it really wouldn't.</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=4157962" width="1" height="1">http://blogs.msdn.com/b/cjacks/archive/2007/06/21/deploying-standard-user-analyzer-sua-mitigations-enterprise-wide.aspx#4151776Tue, 31 Jul 2007 22:08:16 GMT91d46819-8472-40ad-a661-2c78acb4018c:4151776MC<p>What about uninstalling the application I have tested and reinstalling it? Would the Loosen ACLs will go back to normal?</p> <p>MC</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=4151776" width="1" height="1">http://blogs.msdn.com/b/cjacks/archive/2007/06/21/deploying-standard-user-analyzer-sua-mitigations-enterprise-wide.aspx#4150907Tue, 31 Jul 2007 20:06:51 GMT91d46819-8472-40ad-a661-2c78acb4018c:4150907Chris Jackson - MSFT<p>Unfortunately, there is no undo feature in the current version of SUA. You'd have to look at the mitigation after analyzing again to see which directories we modified, and then set them back. Wish I had a better answer...</p> <p>Thanks,</p> <p>Chris</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=4150907" width="1" height="1">http://blogs.msdn.com/b/cjacks/archive/2007/06/21/deploying-standard-user-analyzer-sua-mitigations-enterprise-wide.aspx#4150796Tue, 31 Jul 2007 19:54:05 GMT91d46819-8472-40ad-a661-2c78acb4018c:4150796MC<p>Is there a way to undo the mitigation I have already applied for the Loosen ACLs?</p> <p>Thanks again!</p> <p>MC</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=4150796" width="1" height="1">http://blogs.msdn.com/b/cjacks/archive/2007/06/21/deploying-standard-user-analyzer-sua-mitigations-enterprise-wide.aspx#4150786Tue, 31 Jul 2007 19:52:04 GMT91d46819-8472-40ad-a661-2c78acb4018c:4150786MC<p>As a matter of fact your answer helped a lot, thanks!</p> <p>MC</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=4150786" width="1" height="1">