Re: Running Applications and Adming Rights
From: Colin Nash [MVP] (x_at_x)
Date: 08/03/04
- Next message: Jimmy Stahl: "RE: What are "Transforms" ?"
- Previous message: Barry Young: "Running Applications and Adming Rights"
- In reply to: Barry Young: "Running Applications and Adming Rights"
- Next in thread: Barry Young: "Re: Running Applications and Adming Rights"
- Reply: Barry Young: "Re: Running Applications and Adming Rights"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 2 Aug 2004 21:20:54 -0400
First of all, you should never never never never give Domain Admin rights to
the users. That is completely unnecessary and pretty much allows that user
to destroy your whole domain. It's important to understand what "Domain
Admin" means.
You can give a user admin rights to a local machine. On the machine, run
LUSRMGR.MSC from Start --> Run and add them to the Administrators group.
This limits their 'power' to that specific computer.
The best practice though is to have all users run under standard user
accounts with no admin privileges. If the application insists on having
admin rights, you should re-evaluate its use and/or contact the publisher
for an updated version. Most properly-written applications will require an
administrator to install it, but can then be used by any user.
You might have to give NTFS permissions to some folders/files and
permissions to some registry keys if you want to keep the user limited while
allowing them to run programs that are poorly designed. There is no magic
bullet solution other than playing with the NTFS permissions and using
REGEDT32 to set permissions on whatever registry keys it tries to change.
>From what I can recall about Palm's desktop software: You need to make the
user an administrator (of the workstation, not of the domain!!!), install it
under their profile, give them NTFS permissions to the C:\PALM folder (or
wherever it gets installed... maybe under PROGRAM FILES) , run the program
once doing a sync, and then remove the admin rights.
"Barry Young" <youngbar@insightbb.com> wrote in message
news:0ABPc.236779$Oq2.95501@attbi_s52...
>I have an application that is installed on a XP machine that is part of a
> network. In order to install the applications the user was made a part of
> the Domain Admins group . The application was installed and working fine.
> Then the network administrator removed the user out of the Domain Admins
> group and now the application is having problems running. Files in the
> application folder became read only, even after the user was given rights
> to
> the application folders, things are not running properly.
>
> What is the proper way to install an application on a machine in a domain
> based environment?
>
> You need admin rights to install, but then have problems running the
> application.
>
> The application also uses Palm Desktop and conduits, how do you manage the
> installation of this logged on as Admin and then giving the appropriate
> rights to the folders and application libraries.
>
> Thanks!
>
> Barry
>
>
- Next message: Jimmy Stahl: "RE: What are "Transforms" ?"
- Previous message: Barry Young: "Running Applications and Adming Rights"
- In reply to: Barry Young: "Running Applications and Adming Rights"
- Next in thread: Barry Young: "Re: Running Applications and Adming Rights"
- Reply: Barry Young: "Re: Running Applications and Adming Rights"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
