Please HELP with creating a "Read-Only Administrator"

Mike · Mar 6, 2008

I need to create an administrator with read-only access. I cannot seem to
find a way to do this. Any suggestions?

Danny Sanders · Mar 6, 2008

You need to trust your admin or they should not be an admin. If they are an
admin........anything you do to try to restrict them they can undo because
they are an admin.

hth
DDS

Meinolf Weber · Mar 6, 2008

Hello Mike,

You will NOT, an Admin is an Admin is an Admin................. Trust your
admins or do it yourself.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Mike · Mar 6, 2008

LOL...yeah I know. more detail is needed then......

I need to query the LDAP with ColdFusion (cfldap) and authenticate the users
on a webpage against the AD. I dont want to pass administrator creds in the
webpage, so i wanted to create a admin with read only so if for some reason
this page gets hijacked, the 'hacker' wont have admin rights per say.

Danny Sanders · Mar 6, 2008

webpage, so i wanted to create a admin with read only so if for some

reason
this page gets hijacked, the 'hacker' wont have admin rights per say

I'm not a programmer but if the account you use for this does not need admin
privileges, just create a normal user.

hth
DDS

Roger Abell [MVP] · Mar 7, 2008

"Read-Only Administrator" is a contradiction
What is it that you want a non-admin to be able to access and/or do ?
You need to approach it in that manner and grant to accomplish, else
to make them admins within a trust over the extent to which they will
and will not use administrative powers.
If all that you need to do is to authenticate CF intercepted user creds
against AD, then in your serverside code attempt to open an ldap
connection with those creds and catch success/failure. There is no
need for any admin creds involved.

Roger

Jorge de Almeida Pinto [MVP - DS] · Mar 18, 2008

any user in AD has access to almost anything in AD. So a simple user would
suffice

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx

Access How Current page of a form Read Only	2	Feb 15, 2019
Administrators group becomes read-only permission	4	Apr 5, 2004
Administrative rights on specified domain controller	8	Jan 16, 2007
Can't install program because C:\Documents and Settings\All Users\Start Menu\Programs is read-only a	14	Jun 10, 2012
Administrative Privileques Required - Why?	1	Jan 15, 2010
Creating a hidden administrator	2	Jan 7, 2005
Lost Administrator Privileges	3	Aug 8, 2004
Deleting duplicate programs in Administrator and user account	1	Dec 22, 2012

Please HELP with creating a "Read-Only Administrator"

Mike

Danny Sanders

Meinolf Weber

Mike

Danny Sanders

Roger Abell [MVP]

Jorge de Almeida Pinto [MVP - DS]

Ask a Question

Similar Threads