• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 343
  • Last Modified:

Monitor File access with Security permissions

I need to find out what security permissions this applications needs on the system , so i dont have to make every user that needs this software an administrator. I know i can use filemon to monitor what files are being accessed. Is there a similiar tool or way to find out what files the user /or system is erroring out on becuase it doesn't have access to them when the user trys to run the application?
0
navajo26354
Asked:
navajo26354
  • 2
4 Solutions
 
Justin OwensITIL Problem ManagerCommented:
What application are you using which requires administrative access (which you don't want to grant your users)?

Justin
0
 
peter41Commented:
Some time ago I had to do similar task.
First: If application is installed from *.msi, on the beginning of installation it should offer two options:
a) Application used only by user account who installs it
b) Application can be used by everyone
Try to reinstall it and look if is there such option, if yes and you chose everyone  system sets suitable rights for every user to use it.

If you have not described option I am afraid that you can only investigate access with filemon, regmon, or setting auditing of access on files and then looking into security log for denied access.
Maybe helpful can be utility "handle" from sysinternals, you can start application with full rights and look what files have it opened, but application can open file and close it immediatelly, so in this case you will not see it.

Peter
0
 
Justin OwensITIL Problem ManagerCommented:
I have also found that the vendors generally know the why of why it needs administrative access.  It is generally a combination of file, folder, and/or registry key access not granted to standard users.  I have had almost 100% success at getting apps which "require" admin access to work, given enough time and support from the vendor.

Justin
0
 
Mohamed OsamaSenior IT ConsultantCommented:
using Procmon , you will be able to exactly pinpoint the source of your problem, The ACCESS DENIED message should make it easy.
filter out by registry & file system access with only your processes in scope which will give you the same effect as using Filemon & Regmon simultaneously.


0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now