S
SpecialK
Hi allIs there a "backdoor" or way for an application installation to
programmatically, get elevated privileges to update the AD schema?
Eg. the Schema Admins group is empty and the Schema partition is not set to
be writable, however an end-user attempts to install an application on their
workstation which tries to update the schema as part of the install. To be
able to isntall the app the application is already in an elevated privilege
state. Is there a way to ensure that there is no chance a rogue app
installed by an end-user can update the schema?
I would like to ensure that in this situation, the schema update by the
users application install should FAILThanks
programmatically, get elevated privileges to update the AD schema?
Eg. the Schema Admins group is empty and the Schema partition is not set to
be writable, however an end-user attempts to install an application on their
workstation which tries to update the schema as part of the install. To be
able to isntall the app the application is already in an elevated privilege
state. Is there a way to ensure that there is no chance a rogue app
installed by an end-user can update the schema?
I would like to ensure that in this situation, the schema update by the
users application install should FAILThanks