Windows 7 Thread, RSAT Windows 7 non admin user in Technical; I have a bit of an unusual problem. During the day our college has a team of IT technicians taking ...
14th April 2010, 03:51 PM #1
- Rep Power
RSAT Windows 7 non admin user
I have a bit of an unusual problem. During the day our college has a team of IT technicians taking care of the network inc menial tasks such as resetting students passwords etc. In the evening the Technicians take turns to stay on a late shift to cover classes till 8pm. About once a week we have a non IT staff member stay to cover the late shift as there isn't enough technicians on rotation. This person only carries out tasks such as replacing print toners and resetting passwords.
We would like to get Remote Server Administration Tools installed to run under his normal user account, at the moment it is installed but will only appear on start menu on admin accounts. Is this possible?
This particular staff member currently uses remote desktop to log onto the domain controller to reset passwords (using a seperate admin account), which is an inconvenience and could be done away with if RSAT is working under his account. I have also delegated control to his user account in AD.
It may just be that it's not possible for this to happen unless he has an actual Admin account but that's why I'm asking the question.
Hope this makes sense and someone can help.
BTW the user runs Windows 7 on his computer
IDG Tech News
14th April 2010, 05:07 PM #2
I have to ask, if you copy the shortcuts do they run?
I assume his account is not domain admin for obvious reasons which would block them?
I would make an account that is exclusive for that person and grant the specific rights they need to reset, then copy the shortcuts and for each one go into properties->shortcut tab->Advanced and check the run as administrator box and see it them prompts them for auth and they would use the account you made. You could even secure it down enough so that the elivated account can only be logged on at certain times/places too.
The run as admin checkbox may/may not work as expected though, if it didnt they can run shortcuts as another user by right clicking on the shortcut with SHIFT held down, the run as alt user option appears then.
Currently for example here my account I am logged in as is fully "normal" (aka not even local admin rights) and I make the shortcuts I need to run elevated with the check box trick and either login as a special local admin (for local changes) account or domain admin account depending on what mmc etc I need.
14th April 2010, 06:35 PM #3
I didn't know that!
Originally Posted by ZeroHour
top tip man
14th April 2010, 08:44 PM #4
Yeh using the run as admin also lets you use another username but I am not sure if they must be some form of admin for it to work or not.
Originally Posted by Domino
22nd April 2010, 02:20 PM #5
- Rep Power
Thanks for the advice, I ended up finding a way to get this to work. I Delegated control in Active Directory to the user just to allow him to reset passwords. I then installed RSAT on his computer under my administrative account. I copied the shortcut for active directory users and computers to all users desktop, so now when he logs in he has access to AD on his desktop and the only thing he can do is reset passwords.
Hope this helps someone else.
By Scorpio in forum How do you do....it?
Last Post: 28th September 2009, 02:50 PM
By DrCheese in forum Windows 7
Last Post: 26th August 2009, 11:38 PM
By TechSupp in forum Scripts
Last Post: 22nd September 2008, 12:54 PM
By FN-GM in forum Wiki Announcements
Last Post: 27th March 2008, 05:19 PM
By timbo343 in forum Windows
Last Post: 18th December 2007, 02:47 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)