We have an application with a large installed base. Long story short, for a limited time some new Win10 systems need to store their data as the Win7 systems do -- in C:\windows (this is non-negotiable, and temporary -- I know this is poor form, but it is a temporary workaround).
In order to do that, I assume we need to either have NSIS set compatibility mode, or set elevated user privileges. But I'm open to other alternatives.
Thanks!
It was also wrong in Windows 7 and every other Windows version released in the last 25 years.
While it would be possible to give all users write access to %windir%, it is a huge security issue and not something I can recommend.
Your best option is to modify your application so that it requests UAC elevation in its manifest. If the application does not already have a embedded manifest (not requesting ComCtl32 v6 etc.) then you can theoretically use a external .manifest file.
A less ideal solution is to set the compatibility flag:
!include x64.nsh
${If} ${IsWow64}
SetRegView 64
${EndIf}
WriteRegStr HKLM "Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers" "$InstDir\MyApp.exe" "RUNASADMIN"
SetRegView Default
Application compatibility layers are there for the customer, not for the program but I suppose we are way past trying to follow the Microsoft guidelines.
