We run an application that requires local machine administrator rights to run. In the interests of security, we are trying to identify which specific files/folders/regkeys require the admin rights for the app to work. We are doing this by applying full control to certain objects related to the application. This did not allow the app to work. So we applied full control to the entire C drive and to the entire registy. This did not allow the app to work either. So my question is, what's the difference in reality between a user having local machine admin rights and full control rights to everything on the machine?
Your help is greatly appreciated!