|
| | |
Group: Forum Members
Last Login: 2/18/2007 10:54:39 AM
Posts: 2, Visits: 3 |
| | the scenario: Running Vista Business on a domain. I have two accounts U (user) and DA (domain admin). the U account is what i use on my local machine and is only a user on the pc. The DA is a domain admin and inheritly has admin rights to the same computer. The issue: I am logged in as the normal U account and trying to access resources (via network browsing) that the U account does not have permissions to BUT the DA does. So in short, i am trying to do a "run as" to browse with. has anyone found a way to do this? So far, this is a huge flaw in microsoft's least priveledge theory. I know Vista was designed to prompt for adding rights when needed, but i am taking this a step further and refuse to roll out Vista at the office until i do. I do not want users able to install applications and such at all which minimizes the issues i will have out of the computers in the future. Thanks to any help anyone can lend. |
| |
| | | |
Group: Forum Members
Last Login: 2/18/2007 10:54:39 AM
Posts: 2, Visits: 3 |
| bump  |
| |
| | | | 
Administrator
Group: Administrators
Last Login: 11/11/2008 9:24:04 PM
Posts: 2,103, Visits: 2,251 |
| What kind of resources are they? Computers? Printers?
AMD64 X2 5200+ 2.60GHz | 3GB DDR 667 | RAID 0 SATA3.0 WD Caviars 320GB total | Foxconn MCP61VM2MA-RS2H Geforce 6100 nforce400 chipset | Vista Ultimate x86
 |
| |
| | | | 
Vista Advisor
 
Group: Forum Members
Last Login: 4/30/2008 10:14:36 AM
Posts: 156, Visits: 198 |
| Im not sure it can be done, I thought logging onto a local user account only gave access to that machines resources, so a "Run as" would still only be local as there is no way for the account to see the domain due to the fact its not actually connected to the domain. confused? dont worry so am I! 
|
| |
| | | |
Administrator
Group: Administrators
Last Login: 11/11/2008 9:24:04 PM
Posts: 2,103, Visits: 2,251 |
| Well it wouldn't make sense to allow users to use "run as admin" it's contradicts the idea of a leaste privileged account. Which is why regular users on the domain cannot use the run as admin?? I'm confused.
AMD64 X2 5200+ 2.60GHz | 3GB DDR 667 | RAID 0 SATA3.0 WD Caviars 320GB total | Foxconn MCP61VM2MA-RS2H Geforce 6100 nforce400 chipset | Vista Ultimate x86
|
| |
| |
|