What application? Otherwise you'll probably never get an answer.
I'm not sure I understand your problem.
Are you talking about running ranger admin on a client machine under your normal user account? What is the primary usergroup for that account? are the required security settings enabled for that user account in ranger? What do you mean by "full-control"?
If you can access the ranger admin panel from a client machine, then your account's primary usergroup must have been granted access via the ranger admin panel - afaik there isn't a limited access mode for the ranger admin panel.
Are you the administrator?
The sentinel forums can be useful - if a solution isn't apparent from either the knowledgebase or admin manual.
I think Ranger Account Manager has a limited staff mode that is set using a config file. Can't remember more detail but there should be something on the Ranger site.
Where did you get the admin utility?
So let me get this straight you're saying you're a student or staff member not allowed to use the Ranger Admin Utility but you want to use it? Is that not a breach of your acceptable use agreement?
Can I ask what your role is in the school? If you only have a limited account are you are a techie? If so can't the NM or another techie give you access to Ranger admin?
I'd be interested to hear the specifics. Can you attach these "batch files and things"?
If you can't access cmd, it's unlikely that ranger would permit executing batch scripts - that is after all, the whole point of ranger.
I think broken_url is saying that they have already used bat files to search network shares so ranger clearly isn't stopping that.
@broken_url, CMD prompt can be stopped by Ranger or Group policy but the bat files still run via command.com
How do you mean read only most executable files are 'read only' as in you don't need to alter them to run them.Quote:
you can exactly do much with a Read-Only program can you
Is it a good idea to be assisting a student (going by post content, the lack of any other posts) to circumvent the school's security?
it doesnt really matter how i got to the program, i just need to give myself full access
Would have liked to have seen an example of one of the batch files though.
@broken_url what school? ;)
I did point out this issueI don't believe i/we have provided any technical assistance and there really isn't anything in the Ranger folder that can cause harm without admin rights.Quote:
Is that not a breach of your acceptable use agreement?
1) You can't 'hack' rights to a program that you don't have access to.
2) It's clear that you shouldn't be even doing this - I understand that students can get curious and such - but the program is locked for a reason.
If you really want it to work - venture toward a career in IT, take the exams, get a job and then you will be on the other side of the fence, you will be wanting to keep people out of your system, not try to find ways in. :)
You can't that's the point not without elevating your user rights i.e hacking the network or using someone’s admin account.
Both which i'm sure will be forbidden by your acceptable user agreement and against the law.
I think your wasting your time here trying to get Ranger to run under your limited account. Ranger relies on the underlying active directory security levels to work, as such your better off attempting to compromise AD directly.
You can do this a variety of ways, however in a school environment the simplest methods are usually the best. i.e. good old fashioned social engineering. Keep an eye out for teachers leaving computers logged on unattended or putting their passwords on post-it notes or notebooks. Be aware that machines that are in areas that pupils don't go usually have higher access to the network than those in classrooms. It's much higher personal risk, but with a much better payoff. Googling for social engineering will give you some ideas on how to pull this off effectively.