| Home | Register | Members | Search | Windows Vista Tips | File Database | Links |
 |
| Thread Tools | Display Modes |
|
Guest
Posts: n/a
|
|
|
|
||
|
|
| |
|
Guest
Posts: n/a
|
|
|
|
|
||
|
Guest
Posts: n/a
|
|
|
|
|
||
|
Guest
Posts: n/a
|
|
|
|
|
||
|
Guest
Posts: n/a
|
|
|
|
|
||
|
Guest
Posts: n/a
|
|
|
|
|
||
|
Guest
Posts: n/a
|
Ah - that would be *this* 'Lokesh Dave' then, would it?
Lokesh Dave, MS (Comp. Engg), 738 West 27th Street,Apt # 6, Univ. Of Southern California, LA,CA-90007, Ph:213-748-3145, Teaching Assistant, Math126, Work  RB204, Ph:213-740-3761,http://www-scf.usc.edu/~ldave Nothing to do with Microsoft there, that I can see? Care to show otherwise? -- Noel Paton (MS-MVP 2002-2005, Windows) Nil Carborundum Illegitemi http://www.btinternet.com/~winnoel/millsrpch.htm http://tinyurl.com/6oztj Please read http://dts-l.org/goodpost.htm on how to post messages to NG's "Lokesh Dave [MSFT]" <Lokesh Dave [MSFT]@discussions.microsoft.com> wrote in message news:F6BFBAA9-927B-40B7-B4AC-... > The Automatic Updates process runs as a service and you dont need to be > logged on as an admin for AU to be able to detect, download or install > updates. You could set Automatic Updates to install updates at a scheduled > time. This way the updates will get installed even if you logged on as a > non-admin (and even if you are not logged in at all). > > Lokesh > > > -- > This posting is provided "AS IS" with no warranties, and confers no > rights. > > > "en7ropia" wrote: > >> That doesn't answer my question. >> >> In any case, I would be fine with the Automatic Updates "process" >> running >> as admin in order to get the updates downloaded and installed. I find >> this >> to be a serious issue. One should not be forced to be logged in as an >> administrator to acquire updates. What am I to do if I don't want a user >> to >> be able to have administrative access to a machine. How then does that >> user >> get their Automatic Updates? (Someone has to log in as administrator to >> run >> them??) >> >> There needs to be a way to have the "Automatic Updates" run under the >> administrator account, without the "limited user" having to type in an >> administrator password every time it needs to run. >> >> Basically, It would be nice if I could tell "Automatic Updates" to run >> under >> the Admin account (I would have to type the admin password once to >> configure >> this) >> >> From then on it would run under the Admin account without prompting for >> password. (And this "Admin credential" would apply to AutoUpdates >> ONLY!!!!!) >> >> RunAs.exe is a security problem because once you /savecred, anyone can >> runas >> ANY PROCESS!!! under the administrator account without a password. >> >> Thanks. >> >> "Noel Paton" wrote: >> >> > By definition, anything that runs as an Admin is a security risk - the >> > user >> > has to evaluate that risk and decide if it's worth it. (there are a >> > good few >> > things that will also run in a Limited User account that are also >> > Security >> > risks - have you stopped them yet?) >> > >> > -- >> > Noel Paton (MS-MVP 2002-2005, Windows) >> > >> > Nil Carborundum Illegitemi >> > http://www.btinternet.com/~winnoel/millsrpch.htm >> > http://tinyurl.com/6oztj >> > >> > Please read http://dts-l.org/goodpost.htm on how to post messages to >> > NG's >> > >> > "en7ropia" <> wrote in message >> > news:B038814A-72D3-498E-8EA1-... >> > > Does anyone know if Microsoft supports a method of having Automatic >> > > Updates >> > > run "Automatically" under a Limited User account? >> > > >> > > I have looked into "RunAs" but for it to not prompt for an >> > > administrator >> > > password, you must use the /savecred parameter which is a security >> > > problem. >> > > >> > > Thanks. >> > >> > >> > |
|
|
|
|
|||
|
Guest
Posts: n/a
|
|
|
|
|
||
|
Guest
Posts: n/a
|
|
|
|
|
||
|
Guest
Posts: n/a
|
Certainly, SP2 requires Admin access to install - but that was not the
question that you first asked! SP2 is a major System Upgrade (and in earlier times, may have been considered enough for a total version change - with all that that implies!), and should \NE|VER be attempted outside of an Admin account - after first ensuring that your PC is clear of all known interferences (malware, Norton, running software - in that order!) Again - any Security Update is likely to require Admin access - simply because it's Security-related, and therefore only Admin users should have access! -- Noel Paton (MS-MVP 2002-2005, Windows) Nil Carborundum Illegitemi http://www.btinternet.com/~winnoel/millsrpch.htm http://tinyurl.com/6oztj Please read http://dts-l.org/goodpost.htm on how to post messages to NG's "en7ropia" <> wrote in message news 91E9E6C-4315-4946-A266-...> Thanks for the link. > > From the article you linked to: > > "When critical updates are detected, Automatic Updates automatically > downloads these updates in the background while you are connected to the > Internet. After the download is complete, Automatic Updates waits until > the > scheduled day and time to install the updates. On the scheduled day and > time, > ALL LOCAL USERS receive the following message that has a five minute > countdown timer: " > > Windows is ready to begin installing the updates available for your > computer. > > Do you want Windows to install the updates now? > > (Windows will restarts your computer if no action is taken within 5:00 > minutes) > > > "If you are logged on as an administrator, when you receive this message, > you can either click Yes to install the updates or click No to have > Automatic > Updates install the updates at the next scheduled day and time. " > > (Note that limited users will see the No option disabled. They will be > forced to install the updates and reboot.) (Good) > > "If you do not take any action in five minutes, Windows automatically > installs the updates." > > -------------------------------------------- > > I actually tested this in Win 2000 Pro to see if it was working as the > article states: > > IT DID WORK! (Whether it will work consistently in the future is another > question.) > > (I needed to verify that auto updates was working under Limited user > accounts > because I was suspicious that I was not getting some updates) > > After the reboot, the limited user can log back in, and work normally. > > However, with XP, if SP2 had been download via AutoUpdates I'm thinking > that > an > Admin login might have been required after reboot. (to complete the SP2 > install) > > SP2 would have hopefully required Admin intervention to be installed. > > Can any one confirm or deny if Auto Updates (in XP) does in fact download > and install XP SP2 automatically? I would hope not. > > I have also noticed other "Windows Updates" such as IE program updates > that > required Admin login after the reboot in order to complete the install. > > (In fact Windows would not let the limited user log in until an Admin had > logged in first, so that the update could complete.) But these may just > have > been updates from "Windows Update" instead of "Automatic Updates". > > Thanks. > > > "Noel Paton" wrote: > >> IIRC, you're correct, - http://support.microsoft.com/?kbid=327838 >> gives some useful advice.... >> >> "If you are logged on as an administrator, the Automatic Updates feature >> in >> Windows notifies you when critical updates are available for your >> computer. >> There is a new Automatic Updates feature that you can use to specify the >> schedule that Windows follows to install updates on your computer. This >> article describes how to install this new Automatic Updates feature in >> Microsoft Windows XP and Microsoft Windows 2000 and how to use it to >> schedule Automatic Updates." >> >> HTH >> >> -- >> Noel Paton (MS-MVP 2002-2005, Windows) >> >> Nil Carborundum Illegitemi >> http://www.btinternet.com/~winnoel/millsrpch.htm >> http://tinyurl.com/6oztj >> >> Please read http://dts-l.org/goodpost.htm on how to post messages to NG's >> >> "en7ropia" <> wrote in message >> news:BD5F53DE-1C68-4199-BA14-... >> > Actually, I think Automatic Updates is supposed to download but NOT >> > INSTALL >> > the updates while running under a Limited User account. >> > >> > Can anyone confirm this? >> > Thanks. >> > >> > "Lokesh Dave [MSFT]" wrote: >> > >> >> The Automatic Updates process runs as a service and you dont need to >> >> be >> >> logged on as an admin for AU to be able to detect, download or install >> >> updates. You could set Automatic Updates to install updates at a >> >> scheduled >> >> time. This way the updates will get installed even if you logged on as >> >> a >> >> non-admin (and even if you are not logged in at all). >> >> >> >> Lokesh >> >> >> >> >> >> -- >> >> This posting is provided "AS IS" with no warranties, and confers no >> >> rights. >> >> >> >> >> >> "en7ropia" wrote: >> >> >> >> > That doesn't answer my question. >> >> > >> >> > In any case, I would be fine with the Automatic Updates "process" >> >> > running >> >> > as admin in order to get the updates downloaded and installed. I >> >> > find >> >> > this >> >> > to be a serious issue. One should not be forced to be logged in as >> >> > an >> >> > administrator to acquire updates. What am I to do if I don't want a >> >> > user to >> >> > be able to have administrative access to a machine. How then does >> >> > that >> >> > user >> >> > get their Automatic Updates? (Someone has to log in as >> >> > administrator >> >> > to run >> >> > them??) >> >> > >> >> > There needs to be a way to have the "Automatic Updates" run under >> >> > the >> >> > administrator account, without the "limited user" having to type in >> >> > an >> >> > administrator password every time it needs to run. >> >> > >> >> > Basically, It would be nice if I could tell "Automatic Updates" to >> >> > run >> >> > under >> >> > the Admin account (I would have to type the admin password once to >> >> > configure >> >> > this) >> >> > >> >> > From then on it would run under the Admin account without prompting >> >> > for >> >> > password. (And this "Admin credential" would apply to AutoUpdates >> >> > ONLY!!!!!) >> >> > >> >> > RunAs.exe is a security problem because once you /savecred, anyone >> >> > can >> >> > runas >> >> > ANY PROCESS!!! under the administrator account without a password. >> >> > >> >> > Thanks. >> >> > >> >> > "Noel Paton" wrote: >> >> > >> >> > > By definition, anything that runs as an Admin is a security risk - >> >> > > the user >> >> > > has to evaluate that risk and decide if it's worth it. (there are >> >> > > a >> >> > > good few >> >> > > things that will also run in a Limited User account that are also >> >> > > Security >> >> > > risks - have you stopped them yet?) >> >> > > >> >> > > -- >> >> > > Noel Paton (MS-MVP 2002-2005, Windows) >> >> > > >> >> > > Nil Carborundum Illegitemi >> >> > > http://www.btinternet.com/~winnoel/millsrpch.htm >> >> > > http://tinyurl.com/6oztj >> >> > > >> >> > > Please read http://dts-l.org/goodpost.htm on how to post messages >> >> > > to >> >> > > NG's >> >> > > >> >> > > "en7ropia" <> wrote in message >> >> > > news:B038814A-72D3-498E-8EA1-... >> >> > > > Does anyone know if Microsoft supports a method of having >> >> > > > Automatic >> >> > > > Updates >> >> > > > run "Automatically" under a Limited User account? >> >> > > > >> >> > > > I have looked into "RunAs" but for it to not prompt for an >> >> > > > administrator >> >> > > > password, you must use the /savecred parameter which is a >> >> > > > security >> >> > > > problem. >> >> > > > >> >> > > > Thanks. >> >> > > >> >> > > >> >> > > >> >> >> |
|
|
|
|
|||
|
|
| |
|
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| How can I allow for Automatic Updates work for Limited Users on non-Microsoft programs? | Eric Wood | Windows Vista Security | 6 | 03-08-2009 07:45 AM |
| Change limited user rights | Erik | Windows Vista Administration | 4 | 11-29-2008 09:25 PM |
| OT: Avast and Limited User | PaulZ | Windows Vista Security | 3 | 05-27-2008 08:40 PM |
| How do you have Automatic Updates run for restricted user | Ron | Windows Update | 2 | 02-17-2004 02:08 PM |
| How do you have Automatic Updates run for restricted user | Ron | Windows Update | 1 | 02-08-2004 09:42 PM |
Linear Mode
