(Maybe these details aren't all necessary? The upshot is in the final paragraph)
So, about a year and some months ago a .NET assembly was developed to work as an in-browser control. Because it requires connectivity to a web service, there was a bunch of fooling about with the .NET security policy required to get it to work to begin with. The control is used by many users in an organization, so an MSI was distributed to users to install the correct security policy. It worked.
At the time, all boxes were XP Pro. Now, some of the users have moved to Vista x64, and the control no longer works unless the user starts IE7 in "Run as administrator" mode. If IE7 is run in admin mode, everything is peachy keen. I had originally suspected a trust policy problem, but have ruled that out for the following reasons:
- The security policy is installed on the Vista machines (visible in .NET 2.0 security.config)
- A manifest is embedded in the control to request elevation, but the prompt does not appear
- The control does not load, period. Normally, if the trust policy is missing, the control UI appears and the security exceptions are handled by directing the user to the security policy.
I presume that the problem stems from UAC, and that the control is not being loaded to begin with because the browser does not have permission to do so.
A network admin had actually resolved this problem a few months ago on the very first Vista user's machine, but has since left the company with no record of what the resolution was.
I'm completely green on Vista configuration, and if I was inclined to throw switches left and right until the lights come on, wouldn't know where to begin. What I'd ideally like to know is what permissions are required by IE7 to load a .NET control assembly, and where this might be configured. Thanks!
Randall