What's new
By:
Filters
ClioSport.net

Register a free account today to become a member!
Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

  • When you purchase through links on our site, we may earn an affiliate commission. Read more here.

Network Admin Locking Feature - IT administrators



David

David

  BMW e46 320 Ci Sport
Guys,

does anyone know of some kind of software platform that will allow us to lockdown all user profiles (i.e set them all as users, with no privilieges) and then when an admin wants to do some installations etc etc on their machine, they can unlock the admin features by entering a password or something?

I know of the run as command but i'd like something more comprehensive. Any ideas anyone? cheers lads.
 
KDF

KDF

  Audi TT Stronic
"run as" and remote management gets me by. I did research this in the past and ultimately found that even the solutions available was not comprehensive.

For example if I wanted to install software as a normal user but enter and admin password it would then install the software as the admin user.. stupid winblows, in linux I can just su as another user without having to know their password.
 
Y

young_lew

  Facelift R53 Cooper S
Do you not just lock down computer features in a policy, and then NOT apply that policy to yourself?

so that when you login you have free reign.........
 
KDF

KDF

  Audi TT Stronic
I think he means without logging the user off, or at least that was my take on it.

Otherwise it would just be a simple admin/user account deal..
 
The Hoff

The Hoff

  SLK 350
Indeed, the only times this is useful are the times you don't want to log the user off - i.e remote working via Citrix or similar.

No real workaround for it that I know of, looking at some solutions now and as I type am installing Scriptlogic Desktop Authority onto my test domain, looks good from what I can see and we already use their Helpdesk software which works nicely.
 
A

Andy.

  Cupra
I just open IE6 as local admin on the remote machine and you can navigate around and do whatever you like without logging the user out. The downside is that it doesn't work with IE7.
 
ChrisR

ChrisR

ClioSport Club Member
AndyRS said:
I just open IE6 as local admin on the remote machine and you can navigate around and do whatever you like without logging the user out. The downside is that it doesn't work with IE7.
Click to expand...

heh what I do when I'm being really lazy, although don't use my admin account rather than local admin so I can get to the network shares :p

As for installing software, if you're big enough to justify the costs use SMS/SCCM, don't even need to go near the pc physically or over remote :) (I'm a little bias though when it comes to software distribution stuff :p) Then their accounts can be left locked down and you can push software out as you please.
 
KDF

KDF

  Audi TT Stronic
ChrisR said:
AndyRS said:
I just open IE6 as local admin on the remote machine and you can navigate around and do whatever you like without logging the user out. The downside is that it doesn't work with IE7.
Click to expand...

heh what I do when I'm being really lazy, although don't use my admin account rather than local admin so I can get to the network shares :p

As for installing software, if you're big enough to justify the costs use SMS/SCCM, don't even need to go near the pc physically or over remote :) (I'm a little bias though when it comes to software distribution stuff :p) Then their accounts can be left locked down and you can push software out as you please.
Click to expand...

All our software gets pushed out by group policy on AD. But its a pain as you can only use MSI's or you have to repackage. How you find SMS for distributing those more obscure packages ?
 
ChrisR

ChrisR

ClioSport Club Member
The Hoff said:
SMS2003 was great, but I personally hate SCCM.
Click to expand...

I've not really looked into it much yet, planned in for the end of the year. Hoping it doesn't wreck what SMS did too much :p

KDF said:
All our software gets pushed out by group policy on AD. But its a pain as you can only use MSI's or you have to repackage. How you find SMS for distributing those more obscure packages ?
Click to expand...

It's easy peasy :) I hate people who are 'repackage' mad, half the time there's really no need to change the vendor installer as such. If you have SMS then you are 'allowed' to use the SMS installer utility from MS. It's a bit old but I find it does everything I need and haven't had a piece of software I haven't been able to push out silently yet.

I had a bash with things like wise package studio but I wasn't impressed so went back to the freebie MS tool :) If I ever need to do any msi editing I just crack out Orca.
 
ChrisR

ChrisR

ClioSport Club Member
The Hoff said:
www.appdeploy.com

Great site for repackaging information :)
Click to expand...

Yeah if I get stuck with something it's always worth a visit :) Some of the info in their package db thing is a bit misleading, and sometimes just wrong, but not very often at all :)

It's funny reading some of the forum posts, people really do make a meal of packaging and try to be way to clever for their own good. Keeping everything nice and simple is the best way to keep everything working :)
 
You must log in or register to reply here.

Similar threads

Kirsty
CSF22 Raffle Prizes
Replies
29
Views
2K
andybond
andybond
R
New Clio 200 EDC member
Replies
27
Views
4K
Ol’ Tarby
Ol’ Tarby
DeeKay86
My Comprehensive Notes from todays Apple Special Event! 8th March 2022. [Mac Studio / Studio Display etc].
Replies
0
Views
1K
DeeKay86
DeeKay86
W
Urgent help needed - Microsoft Outlook password recovery impossible??
Replies
2
Views
1K
White16valver
W
DeeKay86
My Comprehensive Notes from todays Apple WWDC Keynote!
Replies
25
Views
3K
Ay Ay Ron
Ay Ay Ron


Top