+ Post New Thread
Results 1 to 5 of 5
How do you do....it? Thread, Improving our Office setup in Technical; Hi all, Just an opinion I'd like from you and how we would go about it. In the last 3-4 ...
  1. #1

    Join Date
    Aug 2013
    Location
    Herne Bay
    Posts
    228
    Thank Post
    52
    Thanked 39 Times in 32 Posts
    Rep Power
    14

    Improving our Office setup

    Hi all,

    Just an opinion I'd like from you and how we would go about it.
    In the last 3-4 months I've been made a full time IT Support Technician and I'm training myself on the job.
    At the moment we have 3 rooms. IT suite, Main Office and Senior Management Team.

    Here is a diagram of the structure:


    We don't keep any files local (Or we try not too) We have a cloud server (Linux based Samba at a Data Center about 20 miles away).
    Everyone is an admin on their account because we have to put up with OCR's god awful software which requires an admin to run.

    Basically I want to make the whole system secure and faultless (I know right..)

    Sometime in the future I'l be turning the machine next to me into a server (FOG or using WDS) to make it so the machines aren't corrupt via software. It will look like this:






    Any suggestions are much appreciated
    Last edited by Bradlys; 21st November 2013 at 01:37 PM.

  2. #2
    soveryapt's Avatar
    Join Date
    Jan 2009
    Location
    Lancashire
    Posts
    2,402
    Thank Post
    648
    Thanked 277 Times in 244 Posts
    Rep Power
    78
    Quote Originally Posted by Bradlys View Post
    Everyone is an admin on their account because we have to put up with OCR's god awful software which requires an admin to run.
    I've got a couple of pieces of software here that require an admin account to run, so I've just set up a couple of encrypted scripts that use the RUNAS command to run them as an administrator which gets around it, is that something you could do there to stop them all being admin?

    Andy

  3. #3

    Join Date
    Aug 2013
    Location
    Herne Bay
    Posts
    228
    Thank Post
    52
    Thanked 39 Times in 32 Posts
    Rep Power
    14
    Quote Originally Posted by soveryapt View Post
    I've got a couple of pieces of software here that require an admin account to run, so I've just set up a couple of encrypted scripts that use the RUNAS command to run them as an administrator which gets around it, is that something you could do there to stop them all being admin?

    Andy
    That sounds perfect! How exactly does it work? I don't suppose if you have a spare 10 minutes you could do a screen cap or help me on skype?

    Thanks!

  4. #4
    soveryapt's Avatar
    Join Date
    Jan 2009
    Location
    Lancashire
    Posts
    2,402
    Thank Post
    648
    Thanked 277 Times in 244 Posts
    Rep Power
    78
    I'd love to, but don't have screen capture stuff with me here (don't need it on this site really) nor can I use Skype .. all blocked up .. I'll try and step you through it below though ..

    Right, open up Notepad (or your preferred text editor) and you need to create something similar to the following - please bear in mind, I've hacked this script a bit from one I've found, so someone might be able to give you a cleaner script - initially, this searched for the CD drive on the machine as one piece of software ran from a CD:

    Code:
    Set WshShell=WScript.CreateObject("WScript.Shell")
    
    Set FileSystemObject = CreateObject("Scripting.FileSystemObject")
    Set Drives = FileSystemObject.Drives
    For Each DiskDrive in Drives
        DriveLetter = DiskDrive.DriveLetter
        DriveType = DiskDrive.DriveType
    
        If DriveType = "CD-ROM Drive" Then
    	CDDrive = DriveLetter
    	Exit For
        End If        
    Next
    
    Set Drives = nothing
    Set FileSystemObject = nothing
    
    strCmd="C:\PATH\TO\PROGRAM.EXE"
    strUser="DOMAIN\ADMIN-ACCOUNT"
    strPass="ADMINPASSWORD"
    set WshShell=CreateObject("WScript.Shell")
    WshShell.Run "runas.exe" & " /u:" & strUser & " " & strCmd
    WScript.Sleep 1000
    WshShell.Sendkeys strPass & "~"
    When you've created this, save the file somewhere with the extension .vbs and follow the instructions on this page >>> Encrypting VBScript code ( vbs to vbe ) <<< to encrypt the vbs to a vbe. Now, word of warning, this doesn't mean it's unhackable as vbe can be reversed if you know how, but it just means the password isn't immediately available in plain text. Test the script to make sure that it works obviously (if just you testing, you can test the vbs version of it then when it works, convert it).

    Now, copy (or move) the .vbe file you've created to somewhere accessible by all for them to run the software from (I use the \\domain\NETLOGON area and have a folder within that then deploy short cuts to desktops and/or the Start Menu to let people run the program.

    And that's it, should get you being able to run the software as an administrator, but then demote the user accounts down to something more sensible within a managed environment.

    Hope that helps
    Andy

  5. Thanks to soveryapt from:

    Bradlys (21st November 2013)

  6. #5

    Join Date
    Aug 2013
    Location
    Herne Bay
    Posts
    228
    Thank Post
    52
    Thanked 39 Times in 32 Posts
    Rep Power
    14
    Quote Originally Posted by soveryapt View Post
    I'd love to, but don't have screen capture stuff with me here (don't need it on this site really) nor can I use Skype .. all blocked up .. I'll try and step you through it below though ..

    Right, open up Notepad (or your preferred text editor) and you need to create something similar to the following - please bear in mind, I've hacked this script a bit from one I've found, so someone might be able to give you a cleaner script - initially, this searched for the CD drive on the machine as one piece of software ran from a CD:

    Code:
    Set WshShell=WScript.CreateObject("WScript.Shell")
    
    Set FileSystemObject = CreateObject("Scripting.FileSystemObject")
    Set Drives = FileSystemObject.Drives
    For Each DiskDrive in Drives
        DriveLetter = DiskDrive.DriveLetter
        DriveType = DiskDrive.DriveType
    
        If DriveType = "CD-ROM Drive" Then
        CDDrive = DriveLetter
        Exit For
        End If        
    Next
    
    Set Drives = nothing
    Set FileSystemObject = nothing
    
    strCmd="C:\PATH\TO\PROGRAM.EXE"
    strUser="DOMAIN\ADMIN-ACCOUNT"
    strPass="ADMINPASSWORD"
    set WshShell=CreateObject("WScript.Shell")
    WshShell.Run "runas.exe" & " /u:" & strUser & " " & strCmd
    WScript.Sleep 1000
    WshShell.Sendkeys strPass & "~"
    When you've created this, save the file somewhere with the extension .vbs and follow the instructions on this page >>> Encrypting VBScript code ( vbs to vbe ) <<< to encrypt the vbs to a vbe. Now, word of warning, this doesn't mean it's unhackable as vbe can be reversed if you know how, but it just means the password isn't immediately available in plain text. Test the script to make sure that it works obviously (if just you testing, you can test the vbs version of it then when it works, convert it).

    Now, copy (or move) the .vbe file you've created to somewhere accessible by all for them to run the software from (I use the \\domain\NETLOGON area and have a folder within that then deploy short cuts to desktops and/or the Start Menu to let people run the program.

    And that's it, should get you being able to run the software as an administrator, but then demote the user accounts down to something more sensible within a managed environment.

    Hope that helps
    Andy
    Thanks Andy! Got a machine here I need to wipe and start from scratch so I'l set some time aside to try it on there!

SHARE:
+ Post New Thread

Similar Threads

  1. Future proofing/ improving our network
    By networkingNut in forum Wireless Networks
    Replies: 7
    Last Post: 1st April 2011, 11:12 AM
  2. I need to improve our TS solution
    By mrbios in forum Thin Client and Virtual Machines
    Replies: 5
    Last Post: 6th January 2011, 03:38 PM
  3. How to improve our school site?
    By pritchardavid in forum Web Development
    Replies: 5
    Last Post: 6th November 2010, 12:44 PM
  4. [MS Office - 2010] Help Protect and improve Microsoft Office.. Disable the popup
    By craigg in forum Office Software
    Replies: 3
    Last Post: 20th September 2010, 08:02 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •