Solved

Using "Run with Different Credentials" safely

Posted on 2006-07-06
3
203 Views
Last Modified: 2012-05-05
I working to protect school computers using Windows Shared Computer Toolkit.

In order to run some old programmes I have found it necessary to use "Run with Different Credentials", using a specially created Administrator account called, say, Admin2 (although the name used is less obvious than this). I can supply the students with the password to Admin2 so they can run the programme. So far so good.

However I am concerned that, knowing the name/password combination they will be able remember it and use it at the main logon screen. I have prevented this account from showing in the list of users, but they could still access the account by using Ctl+Alt+Del twice.

Can you suggest another method or policy I can use to prevent login occurring in this way for Admin2 , or another method of providing access to the legacy programmes? The computers are not connecting to a domain.

I tried adding the user to the "Deny Logon Locally" policy but this prevented the legacy programmes from running.

Thanks.

Jim B.

0
Comment
Question by:JimBrook
  • 2
3 Comments
 
LVL 13

Accepted Solution

by:
prashsax earned 500 total points
ID: 17054500
Here is a utility which allow you to mention the password using script.

http://www.jsifaq.com/SUBO/tip7100/rh7111.htm

Just create a script to run the program and then compile the script using bat2exe.

This way you don't have tell password to anyone and your application will work.
0
 

Author Comment

by:JimBrook
ID: 17055091
Thanks. I followed up on your advice and while looking how to implement it came across a utility called RunAs Professional which does most of the work for me.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 17059947
Great.
ThankQ.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

How do we balance the user experience (UX) with reasonable security measures? It can be done, if you keep these fundamentals in mind.
Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question