USER RIGHTS

Hi There

I have posted a similar question to this before and i am having the same problem, here it is...

If i install windows xp onto a new client machine, login as the administrator and install all the necessary apps and things that he may need, all works fine.

After all that, i grant that user admin rights to his pc creating his name with admin. priv to the local machine..

I then logoff and login with his name and all seems to be fine.  If i click on a specific app it gives me and error or a series of errors, but when i hold in shit and right click, i select "ran as" type in the domain account "administrator" and password then it runs fine.  

I cannot give the users that password "what could be wrong?" I have a system policy in place which prevents the users from installing/removing apps and playing with settings, could this be that cause, what can i do to correct it?
hitechautoAsked:
Who is Participating?
 
WallsyConnect With a Mentor Commented:
It sounds to me like your policies are interfering with the default behaviour of the applications. If the apps are MSI based then everytime a new user logs on it will run the MSI again to install the new user's settings (if there are any).

Usually the two approaches are to either open the whole machine up (and let users install/uninstall apps themselves) or lock the machine down and use a deployment system like SMS to handle software deployment.

Probably the easiest way to achieve what you want is to install the applications as the user, and then lock their account down, with either policy or user rights changes.

I do agree with kneh though - the users shouldn't need admin rights!

HTH,

Wallsy
0
 
joedoe58Commented:
You have not given enough info for us to be able to understand really what happens but generally if you install a program under another user name the program will sometimes try to create default settings at first start of a new user. Still if you really have given local admin to the user he has all rights possible on the local machine, therefore did you check if the app tries to update something on the server?
0
 
JoesmailCommented:
You need to apply a security template to the workstation to make sure legacy programs/applications work.

Compatible: Compatws.inf

The Compatible template opens up the default permissions for the Local Users group so that legacy programs are more likely to run. This configuration is not considered a secure environment.

http://support.microsoft.com/kb/q216735/

This link has everything you need to setup this either on your domain or locally using the "Security Configuration and Analysis"  MMC snapin.....
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
JoesmailCommented:
0
 
kneHCommented:
I don't get you.

Why not install it all with the users admin account and be done with it?

As for the programs not working. Sounds like the applications got installed for the user. Not for all users.

Lastly giving your user an adminaccount will provide him the means to crack your account. Why on earth would you give him an admin account??? You can give him some admin proviledges. But not all. Big risk and will get you a lot more corrective work seeing they can break more.

$0.02
0
 
hitechautoAuthor Commented:
Hi round the problem

"regedit"

H_KEY Local machine, software, policies, microsoft, windows, installer

There is en entry there called "EnableAdminTSRemote" when the value ="1" it will always request "Admin Priv" unless logged in as an administrator.  I reset the value to "0" and it works fine.

Microsoft never seems to amaze me!

Thanks for the input

0
 
JoesmailCommented:
The work-around to the problem you posted is for admins installing apps from a TS session?

If you follow the steps I have outlined and you will have a resolution that works.  
0
 
rafael_accCommented:
Ok ... My guess is the application is not compatible with a multi user environment. It's as simple as that.
I would say there's an easy way to solve this ... I was thinking about running through a batch using the "runas" command ... but you still must input the password each time. Unless you know something about programming and hardcode the password in the program itself ... then you that program, would call the target one using a similar process as runas and using the hardcoded password and admin username ...

#Cheers.
0
 
Seething_GreyCommented:
The problem is actually as simple as profiles.  The application was installed as admin, so the admin profile may have specific application settings.  The best thing to try is follow these steps:

()  Create a second admin account on the workstation
()  Log in as the second admin account
()  Copy the Default User profile folder for backup purposes
()  Using the Profile Manager (Properties of My Computer/ Advanced Tab/ User Profiles Settings button)
()  Copy the original administratort profile to the Default User profile
()  Assign the Everyone group permission to the profile.
()  Log in as a user that has not logged into the workstation before
()  Test apps.

Hope that helps!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.