Questions tagged [administrative-privileges]

39 questions
9
votes
1 answer

Scheduled Task in Windows Server 2016, run by non-admin Users

In earlier windows server versions (prior to 2016) it was possible to grant non-admin users the permission to run a scheduled task by doing following steps: Scheduled Task: run under system, execute script Give user read and execute rights on…
4
votes
5 answers

How can root start a process that only root can kill?

It is easy to start a process at background or make it as systemd service. However, if I want to start a process that monitors activities on the Linux machine, it fells to the target of attacks. If any user want to do something bad it will first…
George Y
  • 380
  • 2
  • 11
3
votes
1 answer

Can I grant "Virtual Disk Service" to a non-local administrator?

Trying to find an answer to this. A vendor I work with, Red Gate, wrote in their documentation: SQL Clone Agent requirements An agent should be installed on the same machine as any SQL Server you wish SQL Clone to use as a source of images,…
2
votes
1 answer

How to make a service (or the system process) impersonate the *elevated* variant of a user account?

In my network, there is a Windows 2008 R2 server with network name Dax. On that server, I have (among others, of course): a hard disk drive, mounted as E:\ a folder E:\odo an SMB share \\Dax\odo which provides the folder E:\odo to the network a…
2
votes
1 answer

Dialogs still ask for user password (instead of root's) after adding rootpw to sudoers file

To add an extra layer of security I'm using the rootpw option in the sudoers file and while it works perfectly fine from the shell, when a specific command invokes the GUI version of "elevation", only the user password will work in that case and not…
2
votes
1 answer

Windows 2008R2 RDP only works for Standard User but not for an Admin User

I have an issue which I cannot figure out. We have a Windows server 2008 set up. The user is setup to allow remote desktop and is a part of the Remote Desktop Users. When user is also part of the Administrator group and NLA is enabled then user…
2
votes
1 answer

Can i update the windows registry entries for HKEY_CURRENT_USER values without elevated privileges?

Links such as the following suggest that I should be able to edit the registry without elevated privileges, as long as I only update…
1
vote
1 answer

Allowing non admin user to run a specific software updater without admin password

I need to allow a non-admin network user to run a specific exe as local administrator on Windows 7. Basically what I need is not to be prompted for admin credentials when I run that specific exe which updates existing software. First of all I gave…
1
vote
1 answer

Specific dhcp administration across multiple dhcp servers

Currently we have multiple DCs in our primary site and a remote location which has its own DC. All of those DCs are on the same domain, though. The remote IT team wants to be able to manage their own DHCP Server configuration. However, I dont want…
Mus
  • 21
  • 1
  • 5
1
vote
0 answers

How to restrict administrator access by source IP for any protocol on windows ?

I want to make sure that administrative access to Windows domain controllers are allowed only from specific IP addresses. Note: I mean not only RDP access but ANY port/protocol that allows administrative access: SMB, WMI, LDAP, ADSI, etc. Most of…
coder56
  • 11
  • 2
1
vote
1 answer

What happens to Task Scheduler if User has no permission?

I've a little question: Lets say I have a Windows 2012 Server where I created a Scheduled Task with my Useraccount. I selected the option "Run this task even if user is not logged in" - so I don't have to be logged in the server that the task…
1
vote
1 answer

RHEL 8: Administrator vs. Auditor role

On RHEL 8, are there prepared functions, methods, processes or tools to implement administrator/operator and auditor roles in the following way: An administrator/operator should be able to do almost everything except modifying/deleting logs An…
1
vote
0 answers

User directory does not exist when logging in via ssh to a Synology NAS

On a Synology NAS with DSM 7.0 I have created through the Graphical UI a dedicated admin user (as recommended in Synology's setup procedure), then I have enabled ssh login and now I can ssh into the Synology. So far so good. However when logging in…
1
vote
1 answer

Hiring a contractor to migrate databases and websites. What kind of security plan should I put in place to mitigate risks?

We have a physical machine serving databases and websites. We want to contract a consultant for this planned migration from the older physical Windows machine to an up to date brand new Virtual Machine. Obviously the contractor will need an account…
marsisalie
  • 377
  • 1
  • 3
  • 7
0
votes
1 answer

Global Administrator / disable having access to the email "open another mailbox..."

I am global admin on a domain and as the name implies, I have access to all emails and having access to their emails via "open another mailbox..." in exchange. Now, one thing I noticed is that I am not able to access one specific user's email…
1
2 3