Re: Administrator Help

From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 12/03/04


Date: Fri, 3 Dec 2004 00:41:49 -0700

The process can be a little effort, when using the filemon
and regmon tools, but not totally difficult.

In general, many applications can be allowed to run by
one or both of granting users change on the application's
install point on disk, and/or to the application's registry
keys.

For the first, if the app installed to a directory like
c:\program files\app vendor\appname
then using Start / Run cmd to get a cmd window
and entering into it
cacls "c:\program files\app vendor\appname" /e /t /g Users:C
will take care of granting Users (aka limited accounts) the
ability to write in the install area on disk (and to destroy the
installation).

If the application still does not run, then one can try locating
the application's area in the registry, likely in the HKey Local
Machine\Software\App Vendor location, but it could be elsewhere.
Once found, one can highlight the key and then grant Users group
elevated permissions. To do this one can start/run regedt32
and after highlighting the minimally sufficient key click on
Security from the menu.

If these two are not the problem, or the whole problem, with
the application, then it may be temp files written elsewhere,
it may be a .ini file in the Windows dir structure, etc.
For finding these the regmon and filemon tools are a great
help.

It really does not hurt too much loosening the two areas
mentioned since this only allows a limited account to
destabilize that application. Hence, it is worth a try to
see if those two fairly simple actions are sufficient.

If not, post back and someone here may give some pointers
on using these tools.

-- 
Roger Abell
Microsoft MVP (Windows  Security)
MCSE (W2k3,W2k,Nt4)  MCDBA
"Bowesleeming" <Bowesleeming@discussions.microsoft.com> wrote in message
news:55DD00FB-6156-4F69-8DEB-DCABF0F1EABA@microsoft.com...
> Thanks for the info.
> I am not particularly technically minded - is the process/method you
> describe difficult to do ?
> I only wanted a simple solution !!!! - but it never works out that way.
>
>
>
> "Lanwench [MVP - Exchange]" wrote:
>
> > Bowesleeming wrote:
> > > I am set up as an administrator on the computer at home, so is one of
> > > the kids (because they don't seem to be able to play the games without
> > > this !)
> > > I have tried to restrict access for loading games onto the computer
> > > through Access manager by disabling adding and removing programmes
> > > etc.
> > > But this doesn't seem to work and they still have the facility to
> > > load and play.
> > > Please - How do I stop this ? and retain control without changing
> > > their profile from administrator to limited user ?
> > >
> > > Thanks
> >
> > I think a lot of games developers are just plain lazy or don't understand or
> > care about security. See if RegMon and FileMon from www.sysinternals.com can
> > help you identify what files/folders/regkeys the game expects to have write
> > access to, so you can manually modify them.
> >
> >
> >
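
A read-only check of what the two steps in the reply above leave behind, added here as an example and not part of the original post: it lists the Allow entries that give the built-in Users group write-type rights on an install directory and a registry key. Both paths are placeholders modelled on the post's "app vendor\appname" example, and the function name is hypothetical.

```powershell
# Added example, not from the original post. Read-only: it changes no ACLs.
# Both paths are placeholders modelled on the post's "app vendor\appname".
$targets = @(
    'C:\Program Files\App Vendor\AppName',   # placeholder install directory
    'HKLM:\SOFTWARE\App Vendor'              # placeholder registry key
)

# Well-known SID of the built-in Users group; using the SID avoids
# depending on the localized group name.
$usersSid = 'S-1-5-32-545'

# Rights that let an account alter or remove content.
$fileMask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$regMask  = [int][System.Security.AccessControl.RegistryRights]'SetValue, CreateSubKey, Delete, ChangePermissions, TakeOwnership'

# Hypothetical helper: emits one object per Users entry that allows writing.
function Get-UsersWriteGrant {
    param([Parameter(Mandatory)][string]$Target)

    if (-not (Test-Path -LiteralPath $Target)) {
        Write-Warning "Not found: $Target"
        return
    }
    $acl     = Get-Acl -LiteralPath $Target
    $isReg   = $acl -is [System.Security.AccessControl.RegistrySecurity]
    $mask    = if ($isReg) { $regMask } else { $fileMask }
    $sidType = [System.Security.Principal.SecurityIdentifier]

    # Explicit and inherited entries, with identities returned as SIDs.
    foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($rule.IdentityReference.Value -ne $usersSid) { continue }
        if ($rule.AccessControlType -ne 'Allow') { continue }
        $rights = if ($isReg) { $rule.RegistryRights } else { $rule.FileSystemRights }
        if (([int]$rights -band $mask) -eq 0) { continue }   # read-only entry
        [pscustomobject]@{
            Target    = $Target
            Rights    = $rights
            Inherited = $rule.IsInherited
            AppliesTo = $rule.InheritanceFlags   # None = this object only
        }
    }
}

$targets | ForEach-Object { Get-UsersWriteGrant -Target $_ } | Format-Table -AutoSize -Wrap
```

A row with Inherited = False is an entry set directly on that directory or key rather than picked up from its parent.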

