Registered users    
MembershipMembership:
Latest New UserLatest:Tim Humes
New TodayNew Today:3
New YesterdayNew Yesterday:2
User CountOverall:23341
Private messaging    
You must be logged in to use this module.
Top 10 posters    
NamePosts
Mariette Knap12905
Marina Roos12523
Eriq Neale2114
Stan Guinn1914
Michael Patrick1913
Robert Pearman1771
Nick Pieters1425
Stewart Brown617
william warren603
Kevin D.579
Welcome unauthorized visitor    
If you want to join us in the discussions on this forum you need to register first. Registration is free! If you are already a registered user please login to join the forum.
Small Business Server Support Forum    
Forums > Microsoft Small Business Server 2003 & 2000 > Workstations
Subject: Running Programs when not a local "Administrator" on client machine
Prev Next
You are not authorized to post a reply.

Author Messages
Simon Barrett User is Offline
Storrington, West Sussex, UK
Member since
2/5/2006

Registered Users
Posts: 102
1/09/2007 04:23 PM  
Hi

Is is possible to run software applications on machines that normally require the user to be a local "administrator" on their machine (I presume this is to do with writing to registry) but with the user's account being a "power user" or "user" instead?

Basically, I don't want my users to install random software (like Torrent Downloaders etc) but I do want them to be able to effectively use their programs, but this won't work unless the user is an administrator. Problem then is that certain users download stuff and install it onto their machine. There must be an administrative way of locking stuff down.

Client Machines have Win XP Pro, server is SBS2k3 Standard.

Thanks,

Si

P.S. I remember reading about Vista in TechNet magazine where it got over this problem without having to do special stuff to the OS, and just writing the information to temp files in a temp folder.
I wish they taught MS Networking @ my uni when I was there, but no, they taught us Unix and Linux and VMS
Mariette Knap User is Offline
The Netherlands
Member since
3/24/2005

Forum Admins
Posts: 12905
1/09/2007 07:46 PM  
There are two ways of doing this:
  1. Make the users local admins and lockdown the workstations using Group Policies
  2. Don't make the users local admins but then you have to find out by trial and error to what registry hives and folders needs specific permissions. You can use FileMon and Regmon to figure out what such application needs.

I always prefer option 1. because it is much easier to controll and it is centralized. If you opt for option 2 you will need to set permissions on each workstation manually or script the stuff. Not a nice task if the application provider decides that with an update of the application everything is changed...
Mariëtte Knap Smallbizserver.Net AdministratorMission accomplished. We have joined the branch office to our SBS 2003 Headquarters and have the same user experience on the branch office as we have on our local  network at the Headquarters. Want to know how? Signup up for a subscription and get instant access to the article series 'How to add an additional Domain Controller from a remote office to the SBS domain'
You are not authorized to post a reply.
Forums > Microsoft Small Business Server 2003 & 2000 > Workstations > Running Programs when not a local "Administrator" on client machine


ActiveForums 3.7
Forum policy    
These Discussion Forums are dedicated to the discussion of the Small Business Server and related server and client software. For the benefit of the community please observe the following posting guidelines:
  1. No Advertising. This includes promotion of commercial products and non-commercial products which are not directly related to Small Business Server and related server and client software.
  2. No Flaming or Trolling.
  3. No Profanity, Racism, or Prejudice.
  4. Site Moderators have the final word on approving/removing a thread or post or comment.
Copyright 2002-2008 Concentrix b.v.    :   Page generated in 0.2968769 seconds.   :   Terms Of Use   :   Privacy Statement