Least Privledge and Browsing Network Share Issues

Discussion in 'Networking & Internet' started by NNatic, Feb 16, 2007.

  1. NNatic

    NNatic

    Joined:
    Feb 16, 2007
    Messages:
    2
    Likes Received:
    0
    the scenario:

    Running Vista Business on a domain. I have two accounts U (user) and DA (domain admin). the U account is what i use on my local machine and is only a user on the pc. The DA is a domain admin and inheritly has admin rights to the same computer.

    The issue:

    I am logged in as the normal U account and trying to access resources (via network browsing) that the U account does not have permissions to BUT the DA does. So in short, i am trying to do a "run as" to browse with. has anyone founda way to do this?

    So far, this is a huge flaw in microsoft's least priveledge theory. I know Vista was designed to prompt for adding rights when needed, but i am taking this a step further and refuse to roll out Vista at the office until i do. I do not want users able to install applications and such at all which minimizes the issues i will have out of the computers in the future.

    Thanks to any help anyone can lend.
     
    NNatic, Feb 16, 2007
    #1
    1. Advertisements

  2. NNatic

    NNatic

    Joined:
    Feb 16, 2007
    Messages:
    2
    Likes Received:
    0
    bump ;)
     
    NNatic, Feb 18, 2007
    #2
    1. Advertisements

  3. NNatic

    Jason

    Joined:
    Sep 26, 2005
    Messages:
    2,081
    Likes Received:
    1
    Location:
    Chicago,IL
    What kind of resources are they? Computers? Printers?
     
    Jason, Feb 19, 2007
    #3
  4. NNatic

    Antrax

    Joined:
    Feb 13, 2007
    Messages:
    156
    Likes Received:
    0
    Im not sure it can be done, I thought logging onto a local user account only gave access to that machines resources, so a "Run as" would still only be local as there is no way for the account to see the domain due to the fact its not actually connected to the domain. confused? dont worry so am I! :crazy:
     
    Antrax, Feb 20, 2007
    #4
  5. NNatic

    Jason

    Joined:
    Sep 26, 2005
    Messages:
    2,081
    Likes Received:
    1
    Location:
    Chicago,IL
    Well it wouldn't make sense to allow users to use "run as admin" it's contradicts the idea of a leaste privileged account. Which is why regular users on the domain cannot use the run as admin?? I'm confused.
     
    Jason, Feb 24, 2007
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.