In this dialog you can edit a permission for a file, folder, registry key or value already existing in your installation package.
The domain of the user for which permissions are to be set. If left empty, no domain is considered for the OS user account. You can get the current domain by specifying the string [%USERDOMAIN].
This field should be set only when the target user account is part of a specific domain. For regular user accounts this field should be empty.
The name of the user account for which you set the permissions. This can be a user account or a group name. Make sure this string is a perfect match for the user account's name or the group name on the target machine (this name has a localizable value - it depends on the target machine local language). "Everyone" and "Administrators" are generic groups. These names have the same meaning on every NT machine, independent of the locale settings (they are not localized).
This list displays all the permissions you can set for a file, folder, registry key or value from your package. These names represent the corresponding constants as defined in "WINNT.H" header file. Note that some permissions have one name, while others have two names, separated by comma. The single name permissions have the same meaning for any object to which they are applied to. The two names permissions have different meanings, depending on the type of the object they are applied to (file, folder, registry key or value).
The permissions checked here are considered allowed - you can not specify a denied permission. Make sure you set the appropriate permissions, otherwise you can even make the uninstallation of your product impossible.
According to Windows operating system advanced permissions cannot be set directly on a resource, therefore the button is automatically disabled until you return to simple permissions. The advanced permissions will be kept along the with the simple ones.
Permissions can be configured using one of the available views: Simple and Advanced. The simple view allows you to set the following generic permissions:
- Full Control
- Read & Execute
- List Folder Contents (showed only for folders)
Through the advanced view you can set the actual permission flags. Permission flags which cannot be grouped in a simple option will be shown as Special Permissions in the simple view.
When creating a permission for an element in your installation you should also create a second permission which applies only to the Administrators group. This permission should give the Administrators full control in order to allow them to uninstall the package.
Apply permissions to all subfolders
When setting this option, the folder permissions will also be set for all subfolders. This affects only folders and the permissions are not applied to their files.