Solved

Vista home and the UAC

Posted on 2009-03-30
13
402 Views
Last Modified: 2012-05-06
Fellow Experts, I need some assistance.  I have recently been told that we are going to switch from Vista Business to Vista Home premium becuase of the cost.  I think its a bad idea but hey..Im not the Boss.  My question is.. How can I lock down the user so they cant install any programs or change any computer settings without putting in the admin password.  I can tell it to be a standard user but when I try to install something to test it, I get an error saying that the user doesnt have admin priv.  It doesnt prompt me to enter the admin password.  I need the user to basicly have admin access to everything else as some programs we use require admin priv..but I need to stay in control of what is installed on each computer.  Obviously it was easy with Vista Business and Group Policy but with Home Premium I am stumped.  To recap, the user can have admin priv..so I dont mind setting the user as an admin and then set the UAC in the registry to prompt..but if the user is an admin and has his own password I wont be able to keep track of what is installed.  I need to do this as well.  Is it possible with this version of windows or am I out of luck.

Thanks
Dusty
0
Comment
Question by:c2csurveys
  • 6
  • 4
  • 3
13 Comments
 
LVL 3

Expert Comment

by:rbeckerdite
ID: 24023065
have you experimented withthe RUNAS command it allows the kind of scenario you are describing.
0
 

Author Comment

by:c2csurveys
ID: 24023124
I was going to try that Next.  I didnt want to have to tell every program to RUNAS.  That also means that if a new program needs to be installed we have to switch users instead of me remoting in putting in the credentials to allow the install.  Time is what Im trying to save I guess, but there may be no choice but to set the user as standard and then tell all the apps I need to runas admin to do so.  I was hoping for a way with UAC as I would like to learn more abou it.  I usually just turn it off but after passing my 70-640 exam it seems like a great tool to try and utilize..to bad they dont allow all the customization in the home versions.  
0
 
LVL 90

Accepted Solution

by:
John Hurst earned 500 total points
ID: 24023295
I realize you are not the boss, but it is a really dumb idea to use Home anything (including Vista) for business purposes. The costs savings per seat will get eaten up over time and more in additional support costs ("I have Vista Home-X and cannot do ...." questions). Try one more time, especially with the high cost of support issue on the table. ... Thinkpads_User
0
 
LVL 3

Expert Comment

by:rbeckerdite
ID: 24023316
Yes if at all possible leave UAC running.  Scripting is a good way to handle this or pushing your apps out via group policy?
0
 

Author Comment

by:c2csurveys
ID: 24023352
HA!! I wish I could show you what kind of boss we have.  I know most experience this..but I cant believe its so bad.  Our IT department which consists of 2 in a company of about 100 ppl.  We have been pushing for things like business and even other things like sans devices etc.  But we dont get it.  We dont make the company money according to the BOSS. (ie. Owner)  SO why spend money on the network.

Anyway.  To follow up with your response.  It wont happen.  all employees had to take a 25% pay cut and have 2 hrs extended to the day that is manitory or your pay will only be 50% instead of 75%.  Needless to say it sucks big time and iM looking for a new Job.  But until then..I have to get laptops to the field guys so this is the only solution for now.

Thanks for backingme up though on the need for business. :)
0
 

Author Comment

by:c2csurveys
ID: 24023392
rbeckerdite:

These laptops will not connect to the office at all times.  They are for field guys that are on the road 99% of the time.  And to be honest.  I dont know anything about scripting so Im clueless there. :) Besides..maybe Im wrong..but group policy wont work on a machine that isnt connected to a network anyway right.  I am new to IT and Im learning alot but I know I have lots to learn so by almeans School me in the right way. :)

0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 90

Expert Comment

by:John Hurst
ID: 24023514
@c2curveys - You are almost where I said you would be at the current time. I have no problems maintaining a stable connection to multiple clients with my T61p Vista Business 64-bit laptop.

Are you on XP Pro right now. In this situation, I would seriously consider staying with XP Pro until the time is right to do a proper upgrade. I have lots of XP Pro clients doing stable remote access without admin permissions. I have only a few specialized Vista clients and they have admin permissions for other reasons. I am experimenting with limited access Vista business clients but have not yet completed that testing. ... Thinkpads_User
0
 
LVL 3

Expert Comment

by:rbeckerdite
ID: 24023519
This article might be helpful.  There is some native functionality intended for installing applications.
http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Deploy-Applications.html
0
 

Author Comment

by:c2csurveys
ID: 24023557
Thinkpads:  I have no choice.  Again..its a money issue.  We go out to the local Best Buy and buy a cheap 600 laptop.  As you know, everything in that price range only comes with vista home prem.  And I dont want to do the illigal thing and install a copy of xp or even vista bus when I dont have the license.  if I had the license I would upgrade or downgrade to XP-pro imediately.
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 24023823
@c2csurverys - I don't wish to be argumentative or put you in a bad spot. I am conversant enough with Vista Business and XP Pro (my top points in EE), and not conversant with Vista Home except with any common elements of the Vista OS.

I have clients who are not yet ready to switch to Vista and I am working with them to begin the transition. In the meantime, we have had good success with purchasing year-old or 18-month old used top name-brand computers (IBM) and purchasing a warranty to go with them. The cost is typically less than you are paying for a new Vista home cheap computer, and the clients are currently comfortable with staying with XP.

Again, since I am not being helpful with your technical problem, I will limit my posts as I have said my piece about the strategy. I apologize to anyone here if I am being perceived as being out of line.  ... Thinkpads_User
0
 

Author Comment

by:c2csurveys
ID: 24023862
Thanks Thinkpads.  I agree with you 100%..its getting the Others ;) to see the same thing.  I dont think anything you said has been out of line.

0
 
LVL 3

Expert Comment

by:rbeckerdite
ID: 24025374
Things sound tough.. You can also create two accounts for the users one a local admin the laptop and one a domain account and just disable the internet for the local admin account.  This is a way to get them to use the admin account as their primary account.
0
 

Author Comment

by:c2csurveys
ID: 24028080
@rbeckerdite

This is a vista home machine.  It cannot be joined to a domain and it doesnt support group or local policy.  Your suggestions are good but they dont apply in this case.  I have no choice but to use vista home premium on this laptop since that is what it was licensed with and I dont have any other license to install a different version.  Ill make do I guess with the runas command.

0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

So who is this article for? If you are like most of the computer users out there, you probably only realize the meaning of 'System maintenance' after something goes wrong. This article is for you if you care about keeping your system working opti…
Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now