Re: Allow non-Administrator to view and terminate processes for all users

From: "Bruce Sanderson" <bsanders@xxxxxxxxxxxxxx>
Date: Mon, 24 Jul 2006 22:38:39 -0700

Thanks for the reply, Svyatoslav!

I tried granting a user both the "increase scheduling priority" and "debug
programs" "right" under Security Settings, Local Policies, User Rights
Assignment (in Computer Configuration) via GPO to a specific domain user,
but that user still could not add a check mark to the "Show processes from
all users" check box in Task Manager.

I verified using gpresult /v that the settings in the GPO had been applied
to the computer.

Any other ideas come to mind?

It may well be that there is no specific right or permission that grants
this - this ability may be built-in to the Administrators group inherent
rights (unfortunately!) but it would be nice to know definitively.

--
Bruce Sanderson MVP Printing
http://members.shaw.ca/bsanders

It is perfectly useless to know the right answer to the wrong question.

"S. Pidgorny <MVP>" <slavickp@xxxxxxxxx> wrote in message
news:%23KT4n%23frGHA.3868@xxxxxxxxxxxxxxxxxxxxxxx

Interesting question... That might be a matter of changing one of the user
rights in the local security policy. Which one? I'd say "Increase
scheduling priority" or "debug programs".

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

"Bruce Sanderson" <bsanders@xxxxxxxxxxxxxxxxx> wrote in message
news:uWfQOCRrGHA.4820@xxxxxxxxxxxxxxxxxxxxxxx

In Windows 2003 Enterprise Server, is there a user right or group policy
setting (or other means) to allow someone to view and end processes from
any (all) users (e.g. in Task Manager - "Show processes from all users")
without making that someone's user account a member of the Administrators
group?

--
Bruce Sanderson MVP
http://members.shaw.ca/bsanders/
It's perfectly useless to know the right answer to the wrong question.

Follow-Ups:
- Re: Allow non-Administrator to view and terminate processes for all users
  - From: Roger Abell [MVP]

References:
- Allow non-Administrator to view and terminate processes for all users
  - From: Bruce Sanderson

Prev by Date: Re: Decent Windows 2000 Firewall
Next by Date: Re: The system administrator has set policies to prevent this inst
Previous by thread: Re: Allow non-Administrator to view and terminate processes for all users
Next by thread: Re: Allow non-Administrator to view and terminate processes for all users
Index(es):
- Date
- Thread

Relevant Pages

Re: Problem with NT4 domain trusting W2003 domain
... | implemented the settings you suggested in the "default domain controller ... | GPO" and not in the local GPO, and verified with GPMC that they are ... |> suspect there are some settings in security options caused this problem, ...
(microsoft.public.windows.server.migration)
Re: GPO Update Problem (SYSVOL access via UNC)
... Server Security and Auditing Policy ... This list only includes links in the domain of the GPO. ... The settings in this GPO can only apply to the following groups, users, ...
(microsoft.public.win2000.group_policy)
Re: GPO Update Problem (SYSVOL access via UNC)
... > Server Security and Auditing Policy ... > This list only includes links in the domain of the GPO. ... > The settings in this GPO can only apply to the following groups, users, ...
(microsoft.public.win2000.group_policy)
Re: GPO security settings not applied
... Domain Security Policy to set this. ... you can indeed set a password policy at the OU - level! ... >> Domain - Default Domain GPO ... User settings in the IT GPO (ex. ...
(microsoft.public.win2000.group_policy)
Re: security template file import
... gpttmpl.inf in the secedit folder of the GPO file system folder ... > in here is a single file - GPTTMPL.INF that lists the securtiy settings ... > as i can see is a copy of an imported security settings file) - is this ... >> template outside of the GPO which you edit to contain all the security ...
(microsoft.public.win2000.security)