A few utils may help
Filemon and regmon from sysinternals.com will show you all file and
registry access happening on the machine. Stop all programs but the one
you want to run, and watch and see what files/directories it accesses,
as well as registry keys. Give access to those locations.
If it still doesn't work you can check out handle, and listdlls or
process explorer and double check.
Conlan Adams
-----Original Message-----
From: sf_mail_sbm_at_yahoo.com [mailto:sf_mail_sbm_at_yahoo.com]
Sent: Thursday, March 17, 2005 10:46 AM
To: security-basics_at_securityfocus.com
Subject: Admin Rights required on Terminal Services
Dear List,
We have an application that needs local admin rights to run
This is a legacy application, and cannot be run as a service
We are planning to run the application on a Terminal Services server
(Win 2K3)
Clients cannot run the application thru TS, since they do not have local
admin rights
One option is to put the users as local admins, and restrict the menus
to which they have access through Group Policy
Is there any other way to make users run the application without givin
them local admin rights?
Tried to look at "runas", but user will need to enter the administrator
password
Thank u all for ur help
Ronish
Received on Mar 17 2005
Intro
