Login as user but run login script portions with Domain Admins Permissions

Discussion in 'Scripting' started by Steven Sutherland, Jul 14, 2003.

  1. Steven Sutherland

    Steven Sutherland Guest

    Hello,

    NT 4 domain, login scripts are cmd files, not using WMI or
    Host Scripting, users are local admins on their PC but not
    on common use PC. When user logs into their PC their login
    script runs with needed permissions as they are a Local
    Administrator.

    When the user logs onto a common use PC, where they are
    not a Local Administrator, the script lacks needed
    permissions and causes the PC to reboot as it fails to
    delete files that the script is setup to delete.

    How could I create the user login script which is run from
    their User Profile via the Netlogon Folder to impersonate
    a different set of permissions (Domain Admins)in order for
    the script to complete successfully. I do not want to make
    the users Local Administrators on the common use PCs.

    Thanks for any suggestions.

    Steven Sutherland
     
    Steven Sutherland, Jul 14, 2003
    #1

    1. Advertisements

  2. Steven Sutherland

    David Wang [Msft] Guest

    Maybe you can change your script to not require admin privileges to run? It
    seems dangerous that you want to allow common users to run as domain admin
    simply for a logon script to succeed. If your script is fine with users
    running around as local admin on their machine, then you should be fine with
    allowing "Users" group read/write access to the files that they should be
    able to delete on the common use PC.

    --
    //David
    This posting is provided "AS IS" with no warranties, and confers no rights.
    //
    Hello,

    NT 4 domain, login scripts are cmd files, not using WMI or
    Host Scripting, users are local admins on their PC but not
    on common use PC. When user logs into their PC their login
    script runs with needed permissions as they are a Local
    Administrator.

    When the user logs onto a common use PC, where they are
    not a Local Administrator, the script lacks needed
    permissions and causes the PC to reboot as it fails to
    delete files that the script is setup to delete.

    How could I create the user login script which is run from
    their User Profile via the Netlogon Folder to impersonate
    a different set of permissions (Domain Admins)in order for
    the script to complete successfully. I do not want to make
    the users Local Administrators on the common use PCs.

    Thanks for any suggestions.

    Steven Sutherland
     
    David Wang [Msft], Jul 15, 2003
    #2

    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads

  1. Excel Macro Security Problem - Trusted macros not running for users (but do run for domain admins)

  2. Administrators versus Enterprise Admins versus Domain Admins vs Schema Admins

  3. Domain Admins adding Domain Admins

  4. removing domain admins group from local admins group on selected s

  5. How to make give cross-domain "Domain Admins" permissions

  6. Separating domain admins and enterprise admins

  7. Enterprise Admins versus Domain Admins versus Schema Admins

Loading...