How do i do this?? - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 07-13-2005, 04:17 AM   #1 (permalink)
Newb Techie
 
Join Date: Jul 2005
Posts: 2
Send a message via Yahoo to donmayor
Question How do i do this??

I have 3 programs that have to run on a system running windows XP pro irrespective of who logs on to it but the problem is that these programs can't run on a limited user account only on a administrative user account and i need to create limited user accounts with these programs still running. What do I do to be able to allow these programs run in a limited user accoun tunder administrative mode without giving the limited user account administrative privileges.
__________________

donmayor is offline  
Old 07-15-2005, 05:24 PM   #2 (permalink)
Banned
 
Join Date: May 2005
Posts: 7,915
Send a message via Yahoo to talldude123
Default

well, the program is probably very old (80s-90s area) so you would have to right click on the program --> compatibility --> and set the compatiblity modes properly. I hope that works!
__________________

talldude123 is offline  
Old 07-15-2005, 05:26 PM   #3 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Setup user rights and access.
__________________
Osiris is offline  
Old 07-15-2005, 05:34 PM   #4 (permalink)
Master Techie
 
Join Date: Oct 2003
Posts: 2,258
Default

Here is what you do... First, you have to figure out why the program needs admin access. Use the following to find this...
FileMon http://www.sysinternals.com/Utilities/Filemon.html
Regmon http://www.sysinternals.com/Utilities/Regmon.html

On XP, you can do a runas on any .exe. Do that on these programs for the limited user account. Watch the process name of the application you are looking at. run the program as the limited user. These will tell you all about the file/folders(Filemon) and registry keys (regmon) that are not nativley allowed by the OS. Then you can add access back to the locations for these users by using the Authentiacted Users group.

if you need help with this, let me know. I work as a contractor for a very tightly controlled Company, where my job consists of finding ways to allow users to do things admins and power users can. It's a lot of fun, but can be a pain at times too...

Good luck
Inaris is offline  
Old 07-22-2005, 05:05 PM   #5 (permalink)
Newb Techie
 
Join Date: Jul 2005
Posts: 2
Send a message via Yahoo to donmayor
Default not working

I could not get the authenticated users tab on windows XP pro, i could only get it on windows 2000 computers. how do i use this on windows XP? i tried changin the combatibilty option but nothing changed. Thanks for your anticipated help
donmayor is offline  
Old 07-22-2005, 06:52 PM   #6 (permalink)
Master Techie
 
Join Date: Oct 2003
Posts: 2,258
Default

This is what I was talking about...

if you right click on a program, or shift right click depending... you get the option, "Run As". if you select that, you are given a dialog. in that dialog you can specify the account to use to run the program. if you use an admin network/local credential, they run as that account. so, let say you have user1 (local machine account) and net_user1 (Domain Account) who are both member of the Local machine group called Administrators. Then lets say you have a program called APP1. This app requires access to files in %systemroot%, which is protected, so when you launch the program as a non admin user, you will get an error. If you run it as an admin, you will not get an error. This is what I was describing you in my previous post.
If you run Filemon, as an admin, when the non admin is logged on, you will see access Denied errors in several things. These should be the files that the user can not access.
If you go to the specific file, and right click it, then select properties, you should be given window with several tabs on it. Select the security tab. in the middle of the window is an add button, click that and then in the new box, type Authenticated users and then click apply. if you spell it wrong, then it will tell you it can't find it. Also check to see if you are looking at local machine versus domain.
This should allow you to do what you need. Hope it helps.
Good luck
__________________

Inaris is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 06:51 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.