Solved

Using "Run with Different Credentials" safely

Posted on 2006-07-06
3
204 Views
Last Modified: 2012-05-05
I working to protect school computers using Windows Shared Computer Toolkit.

In order to run some old programmes I have found it necessary to use "Run with Different Credentials", using a specially created Administrator account called, say, Admin2 (although the name used is less obvious than this). I can supply the students with the password to Admin2 so they can run the programme. So far so good.

However I am concerned that, knowing the name/password combination they will be able remember it and use it at the main logon screen. I have prevented this account from showing in the list of users, but they could still access the account by using Ctl+Alt+Del twice.

Can you suggest another method or policy I can use to prevent login occurring in this way for Admin2 , or another method of providing access to the legacy programmes? The computers are not connecting to a domain.

I tried adding the user to the "Deny Logon Locally" policy but this prevented the legacy programmes from running.

Thanks.

Jim B.

0
Comment
Question by:JimBrook
  • 2
3 Comments
 
LVL 13

Accepted Solution

by:
prashsax earned 500 total points
ID: 17054500
Here is a utility which allow you to mention the password using script.

http://www.jsifaq.com/SUBO/tip7100/rh7111.htm

Just create a script to run the program and then compile the script using bat2exe.

This way you don't have tell password to anyone and your application will work.
0
 

Author Comment

by:JimBrook
ID: 17055091
Thanks. I followed up on your advice and while looking how to implement it came across a utility called RunAs Professional which does most of the work for me.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 17059947
Great.
ThankQ.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s the first day of March, the weather is starting to warm up and the excitement of the upcoming St. Patrick’s Day holiday can be felt throughout the world.
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question