Mark Minasi's Reader Forum
Mark Minasi's Reader Forum
Home | Profile | Register | Active Topics | Active Polls | Members | Search | FAQ | Minasi Forum RSS Feed
 All Forums
 Email, Databases, Sharepoint and more
 System Center
 SMS 2003 SP3, Windows 7 and 2008, and UAC

Note: You must be registered in order to post a reply.
To register, click here. Registration is FREE!

Screensize:
UserName:
Password:
Format Mode:
Format: BoldItalicizedUnderlineStrikethrough Align LeftCenteredAlign Right Horizontal Rule Insert HyperlinkInsert EmailInsert Image Insert CodeInsert QuoteInsert List
   
Message:

* HTML is OFF
* Forum Code is ON
Smilies
Smile [:)] Big Smile [:D] Cool [8D] Blush [:I]
Tongue [:P] Evil [):] Wink [;)] Clown [:o)]
Black Eye [B)] Eight Ball [8] Frown [:(] Shy [8)]
Shocked [:0] Angry [:(!] Dead [xx(] Sleepy [|)]
Kisses [:X] Approve [^] Disapprove [V] Question [?]

 
Note: please do not cross-post.
Cross-postings will be deleted and ignored.
Thanks for helping to keep this forum junk-free!
 Check here to subscribe to this topic.
   

T O P I C    R E V I E W
Katharsis Posted - 07/19/2011 : 5:19:28 PM
Our situation:
All of this is in our customer’s network, and they write and control the policies.
We have SMS 2003 SP3 installed on Windows Server 2003, single site only. It is NOT set up with advanced security (like 99.9% of SMS servers out there are). The customer does not let us have a main software installation account: we have been installing the SMS agent manually and via logon scripts. Any software installations via SMS advertisements are being installed with the system account of each computer receiving an advertisement. Unfortunately, we have been doing it this way for years because we don’t have a choice.

Enter Windows 7 and Server 2008 with UAC. The customer’s new policy is that UAC is cranked all the way up on every 7 and 2008 system. As a result, we cannot run any advertisements successfully that have any part of it that requires administrator rights/privileges. I can do basic things like copying files, etc. that do not require admin rights.

I’ve been assigned to find a way, but I’m pretty much not finding any viable solution, so I’ve come here for any help, or even any brainstorming from people here. Upgrading to later versions isn’t really an option, since they MUST extend the AD schema (I’m not familiar with all that terminology, having never done it since we’re not allowed). Any bone thrown in my direction will be appreciated, whether it ultimately helps or not.
5   L A T E S T    R E P L I E S    (Newest First)
Btil Entrails Posted - 07/27/2011 : 2:41:45 PM
We use Wise Package Studio 8 and it includes a product called Wisescript Package Editor and we use it to create exe files. With Wisescript Package Editor, you can create exe's and control the install level at runtime.

How are you sending out SMS installs to the target clients? Are you creating a custom exe or using the vendor files and command line switches?

Check out this post here on the Forum, hope it helps.
http://www.minasi.com/forum/topic.asp?TOPIC_ID=23444
Jake Mueller Posted - 07/27/2011 : 2:26:11 PM
Well the obvious solutions here seem to be out of bounds...
wkasdo Posted - 07/27/2011 : 11:59:09 AM
quote:
Originally posted by Jake Mueller

any way to create some sort of wrapper EXE that can run with encrypted credentials?
I like that :-) These guys are trying to be secure to the point of paranoia, so what do you do: embedded password!
Jake Mueller Posted - 07/27/2011 : 11:21:54 AM
any way to create some sort of wrapper EXE that can run with encrypted credentials?
Katharsis Posted - 07/19/2011 : 5:22:40 PM
Crazy thinking-outside-the-box solutions are more than welcome. That's pretty much all we do anyway in our crazy environment.

Mark Minasi's Reader Forum © 2002-2011 Mark Minasi Go To Top Of Page
This page was generated in 0.09 seconds. Snitz Forums 2000