R
Ryan Nordman
Note: cross-posted to microsoft.public.scripting.vbscript and
microsoft.public.windowsxp.security_admin
Hi guys,
I'm in need of some information about how the security and
impersonation of scripts works. I'm trying to create a login vbscript
that will enumerate certain types of files on the HD. The problem is
that we want it to run more often than when the computer is rebooted,
so it can't be a startup script. As a login script, the user logging
in doesn't have priveleges to see all the directories on the machine
(notably the documents & settings folders for other users), but we
want to enumerate the contents of those folders. What would you
suggest? Is there a way to use the machine account instead of the
user account when it's a login script? (from what I've read, it seems
not)
From the reading I've done, it seems the only way really to do it is
to provide other credentials and run the script as another user. I'd
prefer not to use this option as storing the credentials of another
user with elevated priveleges in the script would be a security risk.
If this is the only way to do it, does anybody have tips on making
this option as secure as possible?
Thanks very much,
-Ryan
microsoft.public.windowsxp.security_admin
Hi guys,
I'm in need of some information about how the security and
impersonation of scripts works. I'm trying to create a login vbscript
that will enumerate certain types of files on the HD. The problem is
that we want it to run more often than when the computer is rebooted,
so it can't be a startup script. As a login script, the user logging
in doesn't have priveleges to see all the directories on the machine
(notably the documents & settings folders for other users), but we
want to enumerate the contents of those folders. What would you
suggest? Is there a way to use the machine account instead of the
user account when it's a login script? (from what I've read, it seems
not)
From the reading I've done, it seems the only way really to do it is
to provide other credentials and run the script as another user. I'd
prefer not to use this option as storing the credentials of another
user with elevated priveleges in the script would be a security risk.
If this is the only way to do it, does anybody have tips on making
this option as secure as possible?
Thanks very much,
-Ryan