Comments appreciated on locking down worksations.
From: Smelly (john_at_me.net)
Date: 02/02/04
- Next message: Scott Harding - MS MVP: "Re: krnl32loader.ex"
- Previous message: donald: "spyware eliminator at the server"
- Next in thread: anonymous_at_discussions.microsoft.com: "Comments appreciated on locking down worksations."
- Reply: anonymous_at_discussions.microsoft.com: "Comments appreciated on locking down worksations."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 2 Feb 2004 14:45:24 -0800
Right now our 450 win2k pro users on our domain are all local
administrators. I realize this is not the brightest way to setup a secure
network environment. However, we are constantly having to uninstall and
reinstall software on users machines to fix problematic software. So I
think I came up with a solution.
Make all users standard users.
1. Put a shorcut to runas.exe in the send to menu on all workstations.
2. In the target I put c:\winnt\system32\runas.exe
/user:[domain]\administrator.
3. That I way all I have to do while logged on as a standard user, is right
click on the software install->send to->runas. It will then prompt for the
administrator password and away the install goes.
I was just wondering if there is any gotchas with doing this and also
checking to see if anybody else has a better solution.
All comments welcome
- Next message: Scott Harding - MS MVP: "Re: krnl32loader.ex"
- Previous message: donald: "spyware eliminator at the server"
- Next in thread: anonymous_at_discussions.microsoft.com: "Comments appreciated on locking down worksations."
- Reply: anonymous_at_discussions.microsoft.com: "Comments appreciated on locking down worksations."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
