Deny interactive login

Posted by JayH on August 30, 2005, 11:20 am
I am trying to set up an account that is a local admin to a group of
workstations but is not allowed to login. I need it to work under the runas
command though. I work at a school and am setting up the newest version of
the Java SDK which seems to require an admin account to run it correctly. By
using the runas command with an account that has admin rights it does work but
I want to take away the ability for them to login to the machine with that
account. I have tried using the deny login policy but then it doesn't work
at all. Are there any other ways to prevent this account from being used
other than for the runas batch file I have already set up? We are using a
2000/2003 domain with 500+ workstations on it.

Posted by Roger Abell [MVP] on August 31, 2005, 8:38 am
Use of RunAs from within an interactive session requires that the
"runas" account has interactive login rights.
There is no way to obscure the credentials for a "runas" invocation
when encoded within a script so that they cannot be obtained.
You should get regmon and filemon from www.sysinternals.com
and analyze where the failures are when the java sdk is used by
a standard user account and adjust the missing permissions.
--
Roger

> I am trying to set up an account that is a local admin to a group of
> workstations but is not allowed to login. I need it to work under the runas
> command though. I work at a school and am setting up the newest version of
> the Java SDK which seems to require an admin account to run it correctly. By
> using the runas command with an account that has admin rights it does work but
> I want to take away the ability for them to login to the machine with that
> account. I have tried using the deny login policy but then it doesn't work
> at all. Are there any other ways to prevent this account from being used
> other than for the runas batch file I have already set up? We are using a
> 2000/2003 domain with 500+ workstations on it.


