Solved

How to lock-down workstations that require local admin rights for main office sql app?

Posted on 2015-02-02
7
320 Views
Last Modified: 2015-02-27
we run an application that requires local administrator rights.  It's a sql based application.  Our server is 2012 Standard.  The software vendor who supports this application is no help with this problem.  How do we lock-down the workstations and still allow this sql-base program to work?

Not only does the program have to run in compatibility mode- "run as administrator, the local user must be admin rights

the workstations are windows 7
0
Comment
Question by:geek3
7 Comments
 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 250 total points
ID: 40584684
Only third party applications can help you, try powerbroker by beyondtrust.
0
 
LVL 5

Accepted Solution

by:
R. Toby Richards earned 250 total points
ID: 40586429
I can usually get around this problem by granting "Users" modify rights to the program's folder under the "Program Files" directory and granting "Users" full control rights to the program's registry entries under HKLM\Software. If that doesn't do it, then use Procmon to discover what files and/or registry entries show "Access Denied" when you run the program as a regular user.
0
 

Author Comment

by:geek3
ID: 40589221
Thank you, I'll try and get back with what worked.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 59

Expert Comment

by:LeeTutor
ID: 40634978
I've requested that this question be deleted for the following reason:

Not enough information to confirm an answer.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 40634979
Since one or the other would solve it, I vote for a split.
Either it can be overcome by adjusting access rights, or it can't, and then powerbroker is the state of the art solution.
0
 

Author Closing Comment

by:geek3
ID: 40635440
I decided to split the points between the two answers; I consider the best answer the non-third-party solution, however there probably are situations where you would have to use a piece of software (  to purchase PowerBroker you have to purchase a minimum of 20 users @$37.00)
thanks to all
geek3
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

This article explains how to reset the password of the sa account on a Microsoft SQL Server.  The steps in this article work in SQL 2005, 2008, 2008 R2, 2012, 2014 and 2016.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now