Regular user needs to run app with admin rights
Posted on 2014-03-11
I have an app that needs to modify the value of a system registry key.
This is to enable/disable the use of USB storage devices based on an authorization process (i.e., database query).
If the logged-in user has admin rights, the app is able to modify the registry key, but when logged-in as a regular user then the app doesn't have sufficient rights to preform the edit. The obvious solution is to use the runas command when executing the app, but then we would need to require that the user not be prompted to enter the admin password.
I have found a number of examples on how to create a shortcut that can use runas without a password, but the GUI steps needed to set that up aren't feasible in my case. I need to remotely deploy the setup to 5,000+ workstations across our WAN.
Currently we use WPKG for deployments, but I don't know what registry changes I need to push out to enable normal users to run an app with elevated privileges.
Does anyone know what those registry changes might be or can suggest another option?