we run an application that requires local administrator rights. It's a sql based application. Our server is 2012 Standard. The software vendor who supports this application is no help with this problem. How do we lock-down the workstations and still allow this sql-base program to work?
Not only does the program have to run in compatibility mode- "run as administrator, the local user must be admin rights
I can usually get around this problem by granting "Users" modify rights to the program's folder under the "Program Files" directory and granting "Users" full control rights to the program's registry entries