AD Schema Privilege
From: SpecialK (specialk_at_hotmail.com)
Date: 02/18/04
- Next message: Mike Aubert: "Re: Schema Privileges"
- Previous message: JohnH: "Access Denied in creating Child Domain"
- Next in thread: John Smith: "Re: AD Schema Privilege"
- Reply: John Smith: "Re: AD Schema Privilege"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 18 Feb 2004 20:27:23 +1100
Hi allIs there a "backdoor" or way for an application installation to
programmatically, get elevated privileges to update the AD schema?
Eg. the Schema Admins group is empty and the Schema partition is not set to
be writable, however an end-user attempts to install an application on their
workstation which tries to update the schema as part of the install. To be
able to isntall the app the application is already in an elevated privilege
state. Is there a way to ensure that there is no chance a rogue app
installed by an end-user can update the schema?
I would like to ensure that in this situation, the schema update by the
users application install should FAILThanks
- Next message: Mike Aubert: "Re: Schema Privileges"
- Previous message: JohnH: "Access Denied in creating Child Domain"
- Next in thread: John Smith: "Re: AD Schema Privilege"
- Reply: John Smith: "Re: AD Schema Privilege"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
