+ Post New Thread
Results 1 to 5 of 5
Windows 7 Thread, RSAT Windows 7 non admin user in Technical; I have a bit of an unusual problem. During the day our college has a team of IT technicians taking ...
  1. #1

    Join Date
    Sep 2009
    Location
    Northern Ireland
    Posts
    32
    Thank Post
    3
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    RSAT Windows 7 non admin user

    I have a bit of an unusual problem. During the day our college has a team of IT technicians taking care of the network inc menial tasks such as resetting students passwords etc. In the evening the Technicians take turns to stay on a late shift to cover classes till 8pm. About once a week we have a non IT staff member stay to cover the late shift as there isn't enough technicians on rotation. This person only carries out tasks such as replacing print toners and resetting passwords.

    We would like to get Remote Server Administration Tools installed to run under his normal user account, at the moment it is installed but will only appear on start menu on admin accounts. Is this possible?

    This particular staff member currently uses remote desktop to log onto the domain controller to reset passwords (using a seperate admin account), which is an inconvenience and could be done away with if RSAT is working under his account. I have also delegated control to his user account in AD.

    It may just be that it's not possible for this to happen unless he has an actual Admin account but that's why I'm asking the question.

    Hope this makes sense and someone can help.

    BTW the user runs Windows 7 on his computer

  2. #2

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,645
    Thank Post
    931
    Thanked 1,340 Times in 819 Posts
    Blog Entries
    1
    Rep Power
    448
    I have to ask, if you copy the shortcuts do they run?
    I assume his account is not domain admin for obvious reasons which would block them?
    I would make an account that is exclusive for that person and grant the specific rights they need to reset, then copy the shortcuts and for each one go into properties->shortcut tab->Advanced and check the run as administrator box and see it them prompts them for auth and they would use the account you made. You could even secure it down enough so that the elivated account can only be logged on at certain times/places too.
    The run as admin checkbox may/may not work as expected though, if it didnt they can run shortcuts as another user by right clicking on the shortcut with SHIFT held down, the run as alt user option appears then.
    Currently for example here my account I am logged in as is fully "normal" (aka not even local admin rights) and I make the shortcuts I need to run elevated with the check box trick and either login as a special local admin (for local changes) account or domain admin account depending on what mmc etc I need.

  3. Thanks to ZeroHour from:

    Domino (14th April 2010)

  4. #3

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,105
    Thank Post
    217
    Thanked 1,308 Times in 805 Posts
    Blog Entries
    4
    Rep Power
    515
    Quote Originally Posted by ZeroHour View Post
    The run as admin checkbox may/may not work as expected though, if it didnt they can run shortcuts as another user by right clicking on the shortcut with SHIFT held down, the run as alt user option appears then..
    I didn't know that!

    top tip man

  5. #4

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,645
    Thank Post
    931
    Thanked 1,340 Times in 819 Posts
    Blog Entries
    1
    Rep Power
    448
    Quote Originally Posted by Domino View Post
    I didn't know that!

    top tip man
    Yeh using the run as admin also lets you use another username but I am not sure if they must be some form of admin for it to work or not.

  6. #5

    Join Date
    Sep 2009
    Location
    Northern Ireland
    Posts
    32
    Thank Post
    3
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thanks for the advice, I ended up finding a way to get this to work. I Delegated control in Active Directory to the user just to allow him to reset passwords. I then installed RSAT on his computer under my administrative account. I copied the shortcut for active directory users and computers to all users desktop, so now when he logs in he has access to AD on his desktop and the only thing he can do is reset passwords.

    Hope this helps someone else.

SHARE:
+ Post New Thread

Similar Threads

  1. Installing Drivers as non Admin user
    By Scorpio in forum How do you do....it?
    Replies: 7
    Last Post: 28th September 2009, 01:50 PM
  2. Windows 7 RSAT released
    By DrCheese in forum Windows 7
    Replies: 7
    Last Post: 26th August 2009, 10:38 PM
  3. add user as local admin
    By TechSupp in forum Scripts
    Replies: 2
    Last Post: 22nd September 2008, 11:54 AM
  4. Install Windows Server 2003 admin pack on Windows Vista
    By FN-GM in forum Wiki Announcements
    Replies: 0
    Last Post: 27th March 2008, 04:19 PM
  5. Deleted Admin User Account
    By timbo343 in forum Windows
    Replies: 8
    Last Post: 18th December 2007, 01:47 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •