Get Mesh (and why we require UAC)

I’m John Macintyre, the Group Program Manager for Live Mesh Client Platform & Runtime (it fits on a business card if you use 6 point type).  I wanted to talk about how Live Mesh client install works, and address the questions we’ve seen about why User Account Control (UAC) must be enabled on Windows Vista in order for Live Mesh to work.

The design challenge we faced with Live Mesh client deployment was to make it simple to install, while providing rich client experiences that are deeply integrated with the device experience i.e. today your Windows Shell, tomorrow your Mac, Mobile device etc. 

It’s worth taking a quick look at the client footprint before we cover how it is deployed. The Live Mesh client can be separated into two distinct components:

  1. Mesh Operating Environment (MOE) – this is the client version of our services composition runtime, a cohesive programming model for interacting with the mesh.  On the client, it is responsible for data synchronization, cloud interaction, P2P interaction and handling requests from applications.
  2. Live Mesh Client – this is the set of core experiences that are built on the runtime to deliver experiences around Live Mesh Folders and Live Mesh Remote Desktop.  

There is a further subcomponent breakdown but at a conceptual level you can think of the client as a runtime engine with an experience layered on top of it.  Today the client is deployed as a single unit but in subsequent refreshes we will enable other configuration and distribution scenarios.

We’ve tried to keep the client deployment model as seamless and simple as possible.  It can be broken into three separate stages …

1) Add Device …

The Live Mesh client is deployed through the Devices page of  Clicking on “Add Device” will initiate the download of the Live Mesh installer.  The first thing that you may notice is the installer is relatively small.  The initial install of the Live Mesh client is actually just a bootstrap component that reaches out to a server and retrieves the latest version of the client.  This provides the benefit of small download from the browser and an always up-to-date client footprint.

2) Run LiveMesh.exe …

Once the bootstrap installer has been downloaded, users click on ‘run’ to launch the installer.  Live Mesh installs on the system as “per user” which means that installation only applies to the current Windows user. So by default, installing on Vista does not require administrator privileges, and no UAC prompt is shown.   The runtime client binaries are deployed to the user’s profile under application data and all COM objects are registered for the current user.  This means that installations are not shared across Windows accounts.  Another interesting aspect of install is that the user is not presented with a terms of use or confirmation dialog since this was already done through service sign-up.  We hope this simplifies the overall flow and experience around client deployment.

Why does Live Mesh require UAC?

At this point it’s worth talking about UAC and why the Live Mesh client requires that UAC be turned on. If you’ve tried to install Live Mesh on a system with UAC disabled you’ll have found that the installer blocks on this configuration.  There’s a technical reason why we impose this restriction:  In Vista RTM with UAC off, COM does not read the per-user hive, meaning COM objects registered per-user do not work.  Since Live Mesh installs per-user without elevation it is subject to this restriction.  To prevent users from installing on unsupported configurations we added a block in our installer when UAC is off.  Fortunately there’s light at the end of the tunnel for users that run with UAC disabled.  Windows Vista SP1 has a change that allows per-user COM when UAC is disabled.  With the release of SP1, we have begun validating that Live Mesh fully functions with UAC disabled, but haven't yet finished our testing.  Expect this configuration to be supported in a subsequent refresh.   As you can probably guess, this also means that even after you install, UAC must remain enabled for Live Mesh to work correctly.  If you turn UAC off, we won’t be able to find any of our COM objects.  

3) Add Device …

After installing the Live Mesh client, users are prompted to sign-in with their Live ID.  This Live ID is used to link the device to your personal mesh.  By “device” we generally mean Windows user account.  Multiple Live IDs can independently use the same Windows account (similar to Messenger).  Once the device is part of your mesh you can initiate sharing (or synchronization) with your other devices, the cloud or other users.
Vista users will see an additional option on the Add Device dialog.  This option is to enable features that require administrator privileges including system level Live Mesh Remote Desktop (accessing the system while it is locked or an account is not logged in) and peer to peer file transfer.  By default this option is selected and users will be asked to elevate to proceed with the device claim.  If the user is not an administrator they can disable this option.

Once the user goes through this client deployment flow they are up and running with their mesh-enabled device.  The runtime and experience components will continue to update themselves as new versions are available.  As much as possible we try to do this without affecting the overall experience or disturbing the user.

Technorati Tags: LiveMesh