Re: Local Admin Rights
- From: createwindow@xxxxxxxxx
- Date: Sat, 13 Oct 2007 00:15:22 -0000
On Oct 13, 6:44 am, PSULionRP <PSULio...@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote:
What is the general concensus on local admin rights to client machines?
My concensus is that you should add the (I assume domain user?) to the
local administrators group for the PC/Notebook they do their work on.
This is going to cause less problems than messing with registry keys.
A lot of old (and new) applications "out there" write to HKLM and
write DATA to the "Program Files" directory as a birthright during
their normal operation. They ignore all the rules. However, these apps
will keep working and your users can get back to work if their domain
account also is included in the local PC or notebook "Administrators"
group.
But, NO, new applications today should assume only user group rights!
It is bad pactice to grant any administrative privileges to users
"these days". Especially on Vista, which will enfore registry and file
virtualization and generally make a non-future proof mess of your
registry if you install "yesterdays applications" for ordinary users.
But that's a whole other story - the technology and security of
Vista / Server 2008 is excellent. MS did not explain it too well -
_that_ is the UAC problem - lack of documentation in 2006 - not bad
technology.
Be sure to take good daily backups of your servers and network shared
programs/data. Imaging the desktops and servers is somthing I do to be
sure.
CreateWindow
http://mymessagetaker.com
The while-you-were-out message taking program you have been looking
for!
.
- Prev by Date: Re: reinstalling xp
- Next by Date: What processes can be responsible for short pauses in video playback?
- Previous by thread: reinstalling xp
- Next by thread: What processes can be responsible for short pauses in video playback?
- Index(es):
Relevant Pages
|
