Guys,
what about this scenario:
- Make sure the SUSS service is installed
- A user logs on with normal user rights
- The logonscript generates a random password and sets an environment variable SU_PASSWORD with the generated password.
- With the password.exe tool from MCA's site, in the logonscript the local administrator password is set to the generated password.
- If a user needs to install sofware you could write a script which asks for the setup command
- This install script starts SU.exe program with the administrator as user and the entered setup command.
A problem with this scenario is network access. This can be solved by allowing Null session shares.
his scenario allows a user to install software and still have a somewhat secure environment....
_________________________
Greetz,
Patrick Rutten
- We'll either find a way or make one...
- Knowledge is power; knowing how to find it is more powerful...
- Problems don't exist; they are challenges...
