We help IT Professionals succeed at work.

How to run software requiring admin rights in standard user account without entering credentials

TuliTaivas
TuliTaivas asked
on
2,272 Views
Last Modified: 2011-10-03
Is it possible in Windwos Vista (Ultimate) to set up an application requiring administrativer rights in such a way, that a standard user can run it without the need to enter administrative credentials (consent at the most or no user interaction at all)? That way the number of help desk calls to enter the credentials could be minimized and at the same time users could not run administrative applications ad libitum.
Comment
Watch Question

LeeTutorretired
CERTIFIED EXPERT
Top Expert 2009

Commented:
TuliTaivasserver admin

Author

Commented:
>Perhaps this page will help you:
Almost! What I need is the follow up post:
"Unfortunately, most of the ways described here wont prevent these UAC pop-ups from getting on your nerves [...]. In a future post I will show you how to get rid of them..."

I think I found it:
http://4sysops.com/archives/the-ninth-and-best-way-to-elevate-a-vista-application/ 
and it links to
http://sbs.seandaniel.com/2007/05/how-to-launch-program-always-elevated.html
for the full story.
However, this is only for applications started manually. When an application starts an other (say an application calls its updater) which needs admin privileges then this solution doesn't help.

Sorry, I think my original question wasn't clear about this. Maybe I should rephrase it:
Is it possible for me as an administrator to set up an application in such a way that when it runs in a standard user context and needs elevated priviliges that it only asks for consent but nor for credentials. This should be so even if the appliaction is not started manually but is called from an other application.

(Hope it's clearer now)
Roger
retired
CERTIFIED EXPERT
Top Expert 2009
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Forced accept.

Computer101
EE Admin
TuliTaivasserver admin

Author

Commented:
Sorry for not comming back sooner...

Yes, I agree, it's probably not possible. At least I haven't found a way to do it.
Would be handy though. A list of allowed programms in a GPO, possibly with a checksum and or name/path information would make things more secure than telling the users the admin credentials...
Maybe in SP2...

Roger
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.