Solved

Using "Run with Different Credentials" safely

Posted on 2006-07-06
3
199 Views
Last Modified: 2012-05-05
I working to protect school computers using Windows Shared Computer Toolkit.

In order to run some old programmes I have found it necessary to use "Run with Different Credentials", using a specially created Administrator account called, say, Admin2 (although the name used is less obvious than this). I can supply the students with the password to Admin2 so they can run the programme. So far so good.

However I am concerned that, knowing the name/password combination they will be able remember it and use it at the main logon screen. I have prevented this account from showing in the list of users, but they could still access the account by using Ctl+Alt+Del twice.

Can you suggest another method or policy I can use to prevent login occurring in this way for Admin2 , or another method of providing access to the legacy programmes? The computers are not connecting to a domain.

I tried adding the user to the "Deny Logon Locally" policy but this prevented the legacy programmes from running.

Thanks.

Jim B.

0
Comment
Question by:JimBrook
  • 2
3 Comments
 
LVL 13

Accepted Solution

by:
prashsax earned 500 total points
ID: 17054500
Here is a utility which allow you to mention the password using script.

http://www.jsifaq.com/SUBO/tip7100/rh7111.htm

Just create a script to run the program and then compile the script using bat2exe.

This way you don't have tell password to anyone and your application will work.
0
 

Author Comment

by:JimBrook
ID: 17055091
Thanks. I followed up on your advice and while looking how to implement it came across a utility called RunAs Professional which does most of the work for me.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 17059947
Great.
ThankQ.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now