|
Posted by David Reed on December 26, 2006, 1:46 pm
Please log in for more thread options Dear Sir,
You sound like you have a lot of experience with Desktop Authority and
Security Explorer.
I am currently using DA 7.5. I anticpate purchasing SE in the next few
days.
I'd be curious about how much there is to do with DA and SE, and wondered if
we might exchange some messages? I've been using DA for over a year now,
but I know I'm not using it to its fullest potential.
Thank-you,
-David
(PS...anyone know of any ScriptLogic newsgroups?)
> You can add domain users to the local Administrators group with
> filtering function through Restricted groups by using Member of
> functionality (2k3 supports this as well). Because any application that
> installs device drivers or registers the service on local machine
> requires the principal to have local administrative privilidges there
> are reasons to do that sometimes. Even educational products such as
> Mathworks MATLAB for example install their services. MATLAB installs
> its MATLAB server service. Defragmentation software installs its
> services on machine. If we're talking about networking software such as
> network analyzers, bandwidth meters they always install their drivers
> on the machine. But you can restrict your user rights and still leave
> them with ability to install this software. You simply can install that
> software automatically when users log on to their computers with group
> policy or with desktop management software. I prefer to use Desktop
> Authority (http://www.scriptlogic.com/da), desktop management tool from
> Scriptlogic. I can set application to run under administrative
> priviledges. User would get it installed on his machine and would be
> able to run it even if he is just a member of domain users group. If
> application requires extra priviledges on registry hives or on
> services, I can change them remotely using Scriptlogic's Security
> Explorer (http://www.scriptlogic.com/securityexplorer). I just
> experiment first on my test machine to track which service and key
> requires which type of priviledges. I can create a template that
> contains needed ACEs, assing it to group and apply created ACL template
> to specified set of services. User gets the ability to use the service
> through the program but other keys that aren't used by this programs
> are intact and protected.
> Tom C. wrote:
>> We have a pretty simple setup: Single Win2K3 Server/DC and may 8 or 10
>> client machines. We have a couple of users that we have assigned only a
>> user
>> group membership on the domain because we don't want them messing with
>> files
>> on the server shares. But at the same time, the user level login
>> restricts
>> them on their personal clients to where they can't install software or
>> even
>> run some software. How do I keep them as users on the domain but at the
>> same
>> time give them administrative (read, FULL) access to their individual
>> client
>> machines? Thanks, tom c
>
----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+
Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
| 
XML Sitemap