Allow user to run a *.exe file from a USB key
Last response: in Windows 2000/NT
Archived from groups: microsoft.public.win2000.group_policy (More info?)
We have several users with USB Drives. The drives come with encryption
software however, to use the software users require administrative rights to
the workstation. We cannot grant this right. I am looking for a work
around. Using Group Policies, can I grant users the administrative right to
run a particular *.exe file?
We have several users with USB Drives. The drives come with encryption
software however, to use the software users require administrative rights to
the workstation. We cannot grant this right. I am looking for a work
around. Using Group Policies, can I grant users the administrative right to
run a particular *.exe file?
More about : user run exe file usb key
Archived from groups: microsoft.public.win2000.group_policy (More info?)
Hi,
Actually the software probably just needs some "write access" on one or two
files, not necessarily Admin access. There are a few ways to figure out what
files the users need to be able to write to. Just to start, run regedit and
give the users full control over the HKEY_Local_Machine - Software - Software
name of company key.
What I do is I login as an Admin, I look at the time, I run the application,
and then I do a search (all files including Windows files MUST be visible +
extensions) for all files modified today. I look at the time and it gives a
good idea of any files that have been just "written to". Ignore the system
files and anything with the .dat
I haven't found an app yet that "requires admin access" that I can't get
running under a regular user with just a few permissions tweeks.
Also, I have found with the USB drives, if I load the drives once as an
admin then the users can use them all the time after that.
Cheers,
Lara
"JD" wrote:
> We have several users with USB Drives. The drives come with encryption
> software however, to use the software users require administrative rights to
> the workstation. We cannot grant this right. I am looking for a work
> around. Using Group Policies, can I grant users the administrative right to
> run a particular *.exe file?
>
>
Hi,
Actually the software probably just needs some "write access" on one or two
files, not necessarily Admin access. There are a few ways to figure out what
files the users need to be able to write to. Just to start, run regedit and
give the users full control over the HKEY_Local_Machine - Software - Software
name of company key.
What I do is I login as an Admin, I look at the time, I run the application,
and then I do a search (all files including Windows files MUST be visible +
extensions) for all files modified today. I look at the time and it gives a
good idea of any files that have been just "written to". Ignore the system
files and anything with the .dat
I haven't found an app yet that "requires admin access" that I can't get
running under a regular user with just a few permissions tweeks.
Also, I have found with the USB drives, if I load the drives once as an
admin then the users can use them all the time after that.
Cheers,
Lara
"JD" wrote:
> We have several users with USB Drives. The drives come with encryption
> software however, to use the software users require administrative rights to
> the workstation. We cannot grant this right. I am looking for a work
> around. Using Group Policies, can I grant users the administrative right to
> run a particular *.exe file?
>
>
Archived from groups: microsoft.public.win2000.group_policy (More info?)
Great advise. I will try this and let you know.
"lforbes" wrote:
> Hi,
>
> Actually the software probably just needs some "write access" on one or two
> files, not necessarily Admin access. There are a few ways to figure out what
> files the users need to be able to write to. Just to start, run regedit and
> give the users full control over the HKEY_Local_Machine - Software - Software
> name of company key.
>
> What I do is I login as an Admin, I look at the time, I run the application,
> and then I do a search (all files including Windows files MUST be visible +
> extensions) for all files modified today. I look at the time and it gives a
> good idea of any files that have been just "written to". Ignore the system
> files and anything with the .dat
>
> I haven't found an app yet that "requires admin access" that I can't get
> running under a regular user with just a few permissions tweeks.
>
> Also, I have found with the USB drives, if I load the drives once as an
> admin then the users can use them all the time after that.
>
> Cheers,
>
> Lara
>
> "JD" wrote:
>
> > We have several users with USB Drives. The drives come with encryption
> > software however, to use the software users require administrative rights to
> > the workstation. We cannot grant this right. I am looking for a work
> > around. Using Group Policies, can I grant users the administrative right to
> > run a particular *.exe file?
> >
> >
Great advise. I will try this and let you know.
"lforbes" wrote:
> Hi,
>
> Actually the software probably just needs some "write access" on one or two
> files, not necessarily Admin access. There are a few ways to figure out what
> files the users need to be able to write to. Just to start, run regedit and
> give the users full control over the HKEY_Local_Machine - Software - Software
> name of company key.
>
> What I do is I login as an Admin, I look at the time, I run the application,
> and then I do a search (all files including Windows files MUST be visible +
> extensions) for all files modified today. I look at the time and it gives a
> good idea of any files that have been just "written to". Ignore the system
> files and anything with the .dat
>
> I haven't found an app yet that "requires admin access" that I can't get
> running under a regular user with just a few permissions tweeks.
>
> Also, I have found with the USB drives, if I load the drives once as an
> admin then the users can use them all the time after that.
>
> Cheers,
>
> Lara
>
> "JD" wrote:
>
> > We have several users with USB Drives. The drives come with encryption
> > software however, to use the software users require administrative rights to
> > the workstation. We cannot grant this right. I am looking for a work
> > around. Using Group Policies, can I grant users the administrative right to
> > run a particular *.exe file?
> >
> >
Archived from groups: microsoft.public.win2000.group_policy (More info?)
"=?Utf-8?B?bGZvcmJlcw==?=" <lforbes@discussions.microsoft.com> said
> Hi,
>
> Actually the software probably just needs some "write access" on one or
> two files, not necessarily Admin access. There are a few ways to figure
> out what files the users need to be able to write to. Just to start, run
> regedit and give the users full control over the HKEY_Local_Machine -
> Software - Software name of company key.
>
> What I do is I login as an Admin, I look at the time, I run the
> application, and then I do a search (all files including Windows files
> MUST be visible + extensions) for all files modified today. I look at
> the time and it gives a good idea of any files that have been just
> "written to". Ignore the system files and anything with the .dat
>
> I haven't found an app yet that "requires admin access" that I can't get
> running under a regular user with just a few permissions tweeks.
>
Excellent advice.
The other great tools to assist in doing this are regmon and filemon from
sysinterals.com.
--
Andy.
"=?Utf-8?B?bGZvcmJlcw==?=" <lforbes@discussions.microsoft.com> said
> Hi,
>
> Actually the software probably just needs some "write access" on one or
> two files, not necessarily Admin access. There are a few ways to figure
> out what files the users need to be able to write to. Just to start, run
> regedit and give the users full control over the HKEY_Local_Machine -
> Software - Software name of company key.
>
> What I do is I login as an Admin, I look at the time, I run the
> application, and then I do a search (all files including Windows files
> MUST be visible + extensions) for all files modified today. I look at
> the time and it gives a good idea of any files that have been just
> "written to". Ignore the system files and anything with the .dat
>
> I haven't found an app yet that "requires admin access" that I can't get
> running under a regular user with just a few permissions tweeks.
>
Excellent advice.
The other great tools to assist in doing this are regmon and filemon from
sysinterals.com.
--
Andy.
Related ressources:
- ForumDisable Exe and Other File Types from being run /viewed
- ForumPrevent user running regedit. exe , gpedit.msc etc.
- ForumAcer exe file issues....PLEASE HELP!!!
- ForumHow to allow user permissions over system folders
- ForumCant run explorer. exe
- ForumGroup Policy to allow user to run program without bring lo..
- ForumRun Batch file before Windows XP loads
- ForumHow To Install Exe . Files From CD/DVD w. WINDOWS 7?
- ForumWhy is my USB 3.0 so slow?
- ForumC:\Windows\System32\SAMSVR.dll Bad Image File
- ForumWin 7 64bit won't allow to install program in the WINDOWS folder.
- ForumHey Toejam I got a file that I can't delete
- ForumUSB Key Drive
- ForumWindows 7 on ssd boot drive and user files program files on normal HD
- ForumLogonui exe -system error windows 7 & credui dll
- ForumParallel and com ports not appearing in device manager
- ForumDon't want User GP to run on Terminal Server - Possible?
- ForumUser Profile!
- Forumconverting from roaming, back to local profiles
- ForumHow to allow cd burning using windows xp built in burning ..
- More resources
!
