Educause Security Discussion mailing list archives
Re: Local Administrators
From: "Brian K. Doré" <bkd () LOUISIANA EDU>
Date: Thu, 27 Mar 2008 10:32:54 -0500
You have software that runs for Administrators but not as Power Users? XP or Vista? * If security is a concern, you probably want your users to run as plain USERS. Not Power Users. Power Users can become administrators without too much trouble. If the software runs as an Administrator, but not as a regular user then take the time to find out what files/folders/registry keys the programs need access to and set access appropriately for users. You can do this by setting deny access auditing on the file system and registry, or using tools like filemon and regmon to determine what is needed. Once you figure them out, use Group Policy to apply the settings to the appropriate computers. * In VISTA the POWER USERS group doesn't have the same permissions that it had in XP. Also, in Vista, registry virtualization can allow some poorly written software to run without giving users higher access. Brian --- Brian Doré University of Louisiana at Lafayette From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Daniel Bennett Sent: Thursday, March 27, 2008 9:48 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Local Administrators Currently we allow our students to be local administrators on lab computers. The reason is that some software needs admin-level access to run. How do you all handle software like that. I would like to get our students to the power-user level. Thanks, Daniel R. Bennett CompTIA Security+ Information Technology Security Analyst Pennsylvania College of Technology One College Ave Williamsport, PA 17701 (P) 570.329.4989
Current thread:
- Local Administrators Daniel Bennett (Mar 27)
- <Possible follow-ups>
- Re: Local Administrators Tupker, Mike (Mar 27)
- Re: Local Administrators Brian K. Doré (Mar 27)
- Re: Local Administrators Torres, Juan (Mar 27)
- Re: Local Administrators Daniel Bennett (Mar 27)
- Re: Local Administrators Sabo, Eric (Mar 27)
- Re: Local Administrators Dave Hull (Mar 29)