Elevating privileges for a non-priv'd user?
-
In my current customer's environment, we have Windows 7 machines on the factory floor that production people use to get their job done. The accounts they use are quite restricted - historical reasons ;). Anyway, one thing one of these machines needs to do is some low level formatting of compact flash cards. The commands used require accessing very low level operations like DISKPART, etc, so permissions must be elevated for the script to be able to run. Normally, I would run this script on my laptop by right clicking on it and Running As Administrator, supply the password and off we go. But we cannot give the admin password out, just not a good idea. Is there any way to install or set up a script with elevated permissions? I've not done anything like this before, but off the cuff, I'm thinking creating a simple service, installed with priv's and having the non-priv'd script send it a request. Ideas?
Charlie Gilley Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
-
In my current customer's environment, we have Windows 7 machines on the factory floor that production people use to get their job done. The accounts they use are quite restricted - historical reasons ;). Anyway, one thing one of these machines needs to do is some low level formatting of compact flash cards. The commands used require accessing very low level operations like DISKPART, etc, so permissions must be elevated for the script to be able to run. Normally, I would run this script on my laptop by right clicking on it and Running As Administrator, supply the password and off we go. But we cannot give the admin password out, just not a good idea. Is there any way to install or set up a script with elevated permissions? I've not done anything like this before, but off the cuff, I'm thinking creating a simple service, installed with priv's and having the non-priv'd script send it a request. Ideas?
Charlie Gilley Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
-
In my current customer's environment, we have Windows 7 machines on the factory floor that production people use to get their job done. The accounts they use are quite restricted - historical reasons ;). Anyway, one thing one of these machines needs to do is some low level formatting of compact flash cards. The commands used require accessing very low level operations like DISKPART, etc, so permissions must be elevated for the script to be able to run. Normally, I would run this script on my laptop by right clicking on it and Running As Administrator, supply the password and off we go. But we cannot give the admin password out, just not a good idea. Is there any way to install or set up a script with elevated permissions? I've not done anything like this before, but off the cuff, I'm thinking creating a simple service, installed with priv's and having the non-priv'd script send it a request. Ideas?
Charlie Gilley Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
charlieg wrote:
I'm thinking creating a simple service, installed with priv's and having the non-priv'd script send it a request.
That sounds like a good solution. :thumbsup:
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
