I have a question. I wonder what is the best approach for managing user profile enviroment on their computers? For example if there is an task for administrator to solve a problem on users profile on his PC. User is not behind his desk, so remote assistance is not a solution, because administrator needs users interaction. Administrator does not know users password, so only way which comes to my mind is to reset users password - set something - solve the problem - let user know and set up changing password on next logon. But this is horrible solution. How is this managed in bigger companies? Thank you and sorry for maybe a stupid question...
Asked
Active
Viewed 97 times
1 Answers
0
From my experience for actions that actually require user interaction Administrators just wait until the user is available for remote assistance. (I'd never log on as someone else without their very explicit permission to do so and maybe not even then).
But mostly you only need to do that anyway if the user has reported an unknown problem and you want to see/diagnose the symptoms for yourself.
As Administrator you can (depending on the specific environment of course) usually access pretty much everything of the user profile remotly even if the user is not logged in. With remote access to the registry and the local file system there is not much left that needs interaction from the user.
whatever
- 101
-
I saw quite a lot of companies, where logging as a specific user without a user being behind his computer was quite regular. It was something like company policy. There was no other option. User wasn't behind the computer at a time when the problem should be solved and most of the problems were about configuring specific apps and you can't do that without logging as that specific user even if you have access to the registry and file system. – devlin Feb 09 '17 at 13:33
-
It certainly depends on the company (and the country and its laws). And often it might be much more convenient to just log in as the user. But in the end all the app has to save its settings is the harddrive (or a remote share or something like that), so unless the software specifically encrypts the configuration file, there should be very few scenarios were your really have to log in as that user instead of just manipulating files on the drive. – whatever Feb 09 '17 at 13:55
-
Yes, you're right, it depends on company and laws. But messing with configuration files... You can do this with simple apps or with apps, where is this approach documented and supported. But you can't do that with heavy enterprise solutions, where one change in settings could trigger not only registry changes on computer and/or local filesystem changes, but it could also trigger many processes on the server side etc. You can mess up quite many things with this approach. Another thing is, that changing settings manually (files, registry) could be extremly time-consuming. – devlin Feb 09 '17 at 14:43
-
Well you said "a problem on users profile on his PC" so I was thinking more about problems with local applications or the OS itself. Of course there may be situations where changing something in the application is the only valid way. The scenario does sound a bit artifical to me (why not just give the user instructions how to change the setting? Why can't it be done with him if it only affects his profile? But anyway, all I wanted to do is give my personal experience on this, which is as stated above: It is not done. If something requires access to a user profile it is done together – whatever Feb 09 '17 at 15:18
-
with that user. Now my experience is just from Germany and from a handful of companies that if have worked with/for, but from that experience noone would ever user your personal profile unless in very exceptional circumstances. – whatever Feb 09 '17 at 15:20
-
Thank you for sharing your experience. I know, that it may sound strange what I'm talking about, but I really have this experience, from companies with strange requirements. It's maybe combination of a badly IT educated users and bad directives... Nothing I can do something with.... – devlin Feb 10 '17 at 08:57