Re: Risks of Local Admin Access on Domain PC?

From: Karl Levinson [x y] mvp (levinson_k@excite.com)
Date: 02/26/03 

From: "Karl Levinson [x y] mvp" <levinson_k@excite.com>
Date: Tue, 25 Feb 2003 21:30:25 -0500

My thought exactly... except I would add that if a software vendor says that
admin rights are necessary when all that is really needed is write
permission to one registry key, then that vendor is way misinformed. That
vendor should also be told that they need to amend their installation
program and/or their user documentation so that the appropriate permissions
are documented and are set correctly during installation. There's no excuse
for large vendors like Intuit or whoever does Quickbooks to not do this
correctly.

"Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@pacbell.net>
wrote in message news:3E5C130B.48CCD4D1@pacbell.net...
> Quickbooks versions earlier than 99 - need local admin
> Tax software programs - think they need local admin
>
> That's not exactly realistic in my industry...yet.
>
> Workaround. Log in as Administrator, go to the hklocal machine registry of
> that software, right mouse click on it's registry entry, click on
> permissions. Give full [admin style] permission rights to the "power
user" or
> "user" for THAT software only. Now log in as the regular domain user.
>
> Voila.... restricted rights on the machine, full rights for a piece of
> software that demands local admin.

Relevant Pages

  • Re: Need Help to solve rights problem
    ... I would suggest rejecting the software, and having the vendor supply ... admin grants to its users. ... I install on server for central database ... > this software then they have local administrator rights on that system ...
    (microsoft.public.win2000.security)
  • Re: Access 97 Security issue Cant make a MDE
    ... I am not able to CHANGE these rights. ... Normally I work as both the Owner of the database (and all objects ... we don't reset this table permission after making the mde. ... we give database admin permission to our user group. ...
    (microsoft.public.access.security)
  • Re: Risks of Local Admin Access on Domain PC?
    ... > says that admin rights are necessary when all that is really needed ... > is write permission to one registry key, then that vendor is way ... >> Quickbooks versions earlier than 99 - need local admin ...
    (microsoft.public.security)
  • Re: Permissions again
    ... I was checking the API functionality. ... check CU rights (logged in as Admin) ... but if permission is set for everyone then ...
    (microsoft.public.vb.general.discussion)
  • Re: Cannot convert or enable database
    ... The vendor didn't provide the development mdw it was secured with; as a user you are meant to use it with the standard system.mdw. ... but I cannot get the database to open. ... The KB states to "Remove the Admin ... "You don't have permission to import, export, or link to." ...
    (microsoft.public.access.security)
Quantcast