When windows introduced User Access Controls (UAC) years ago, I knew we were in trouble.  These controls have caused me more troubles as an administrator of systems then any other windows feature that I can think of and there are lots of features that drive me crazy.  I recently had a client change their group policies up which tightened things up and for their organization it is a huge positive, but for a backend administrator that just wants to get the crazy installs and configurations done the policy change impacted my administrator account very negatively.

According to my privileges I had UAC turned off, I was in the administrators group, I was assigned the administrator privileges but I was still unable to delete a file from my temp directory without it tell me that “You’ll need to provide administrator permission to do <this action>”!  Seriously, I created the file, I modified the file, I am the owner of the file, but sorry today, you can’t delete it!  Come on man!  Really!

Now I understand the reason why, and if you don’t understand why, do a little reading on UAC, and if you still don’t understand, I highly don’t recommend you make this change I am about to suggest.

The policy forced a registry setting that I could not change any other way then through the registry editor, and once I changed a rebooted the machine, no more problems:

Key: Software\Microsoft\Windows\CurrentVersion\Policies\System – Value: EnableLUA

This was set to 1 (Hex: 0x00000001) which enables the policy “administrator in Admin Approval Mode” user type while also enabling all other UAC policies. I changed the value to 0 (Hex: 0x00000000) which disables the “administrator in Admin Approval Mode” user type.

After a quick reboot, I was able to delete my files from my temp folder without having to grant administrator privileges to the action.  For more info on this registry key check out Microsoft MSDN!

Here is a quick way to get started when trying to send a message to the HttpListeningConnector within PeopleSoft:

Basic URL: http://myserver.com/PSIGW/HttpListeningConnector
Advanced URL: http://myserver.com/PSIGW/HttpListeningConnector?&Operation={MyServiceOperation.Version#}&From={MyExternalNodeName}

Next you need to generate a message to pass to this Target Connector. Use a simple SOAP envelope and wrap you message into it:

<?xml version="1.0"?>
<soapenv:Envelope xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsa="http://schemas.xmlsoap.org/ws/2003/03/addressing/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance/">
<soapenv:Header xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:Security soap:mustUnderstand="1"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>{ExternalUserId}</wsse:Username>
<wsse:Password>{ExternalUserIdPassword}</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<{MESSAGE_NAME}>
<FieldTypes>
<{MESSAGE_RECORDNAME} class="R">
<{FIELD1} type="CHAR"/>
<{FIELD2} type="CHAR"/>
</{MESSAGE_RECORDNAME}>
<PSCAMA class="R">
<LANGUAGE_CD type="CHAR"/>
<AUDIT_ACTN type="CHAR"/>
<BASE_LANGUAGE_CD type="CHAR"/>
<MSG_SEQ_FLG type="CHAR"/>
<PROCESS_INSTANCE type="NUMBER"/>
<PUBLISH_RULE_ID type="CHAR"/>
<MSGNODENAME type="CHAR"/>
</PSCAMA>
</FieldTypes>
<MsgData>
<Transaction>
<{MESSAGE_RECORDNAME} class="R">
<{FIELD1}>SomeData1</{FIELD1}>
<{FIELD2}>SomeData2</{FIELD2}>
</{MESSAGE_RECORDNAME}>
<PSCAMA class="R">
<LANGUAGE_CD IsChanged="Y"/>
<AUDIT_ACTN>A</AUDIT_ACTN>
<BASE_LANGUAGE_CD IsChanged="Y"/>
<MSG_SEQ_FLG/>
<PROCESS_INSTANCE>0</PROCESS_INSTANCE>
<PUBLISH_RULE_ID/>
<MSGNODENAME/>
</PSCAMA>
</Transaction>
</MsgData>
</{MESSAGE_NAME}>
</soapenv:Body>
</soapenv:Envelope>