Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: local admin vs group policy and apps...

from [Robert Jandacek] Network Security [Permanent Link]
Subject: RE: local admin vs group policy and apps...
Date: Tue, 18 Jan 2005 09:21:56 -0700 
The link is actually here:

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=
CF3CC921-9B8E-4266-A905-2E2A20217CE0

Robert Jandacek
Horizon IT Dept.



-----Original Message-----
From: Bruce K. Marshall [mailto:bkmlstsgohere@comcast.net] 
Sent: Tuesday, January 18, 2005 6:31 AM
To: Murad Talukdar; focus-ms@securityfocus.com
Subject: Re: local admin vs group policy and apps...

Murad,

I would recommend looking at the following tool, called the Elevated 
Privileges Application Launcher (epal), from Microsoft:

http://www.microsoft.com/technet/prodtechnol/windows2000serv/downloads/e
pal.mspx

It should allow you to run your applications as a member of the 
Administrators without explicitly granting the end user the same
privileges.

----
Bruce K. Marshall - bmarshall@securityps.com - 913-484-7233
Security Professional Services, Inc. - Kansas City

----- Original Message ----- 
From: "Murad Talukdar" <talukdar_m@subway.com>
To: <>
Sent: Thursday, January 13, 2005 9:10 PM
Subject: local admin vs group policy and apps...



Hi,
We have two apps (even calling them legacy seems to attribute some
undeserved elegance to them) which must run at admin level to function
properly. I am trying to find out whether the fact that users are

allowed 

to
be local admins, or even given the runas power to run the app can

still be

locked out of control panel etc through GPOs.

I mean, if I let people runas then they know the admin password so can
rescind any GP settings, can't they? How can I shut that possibility

out?


Yes I have asked for the possibility of then apps being recoded to 
function
under power users but the development team are of the starving waif 
variety
due to under resourcing...this consideration is not high on the list.

Kind Regards
Murad Talukdar 



------------------------------------------------------------------------
---
------------------------------------------------------------------------
---


---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IIS6 on W2k3 DCs, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
Next by Date:  Re: IIS6 on W2k3 DCs, Danny
Previous by Thread:  RE: local admin vs group policy and apps..., Sergey V. Gordeychik
Next by Thread:  PGP and Outlook, Nathaniel Hall
Indexes:  [Date] [Thread] [Top] [All Lists]