none
Local permissions for an Exchange/Outlook App RRS feed

  • General discussion

  • Hi there,

    I work for a SI and I've come across an Outlook/Exchange application that a client uses which essentially invokes an IE session from the Outlook pane. All it seems to do is call a web page to allow users to log into a rebranded salesforce page. Where I have issues is that the vendor not only wants all users to have local admin rights, but they want to run outlook in an elevated session and have told me that Microsoft have designed it this way. What I would love to know is how much smoke are they blowing up my clacker here, it seems to me that since Microsoft introduced  UAC, they have not been recommending that base programs run elevated nor should users be silently elevated.

    Can anyone with any experience in developing these type of apps point me to a KB or a guideline that says this flouting of the security model is a recommended practice?

    Cheers


    • Edited by Jay Byrne Monday, February 9, 2015 9:31 PM Ginger
    • Changed type Jeffrey_Chen_Moderator Friday, February 13, 2015 11:43 PM best practice discussion
    Monday, February 9, 2015 9:23 PM

All replies

  • Hi Jay,

    >> I've come across an Outlook/Exchange application that a client uses which essentially invokes an IE session from the Outlook pane.

    Are you developing a VSTO add-in or Office Mail App (Apps for Office)?

    Regards,

    Jeffrey


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Friday, February 13, 2015 11:47 PM
    Moderator