In that case, do the installs using the local "administrator" account whose password is meaningless everywhere else.
The bigger problem is, what do you do when your remote guy needs to do something requiring admin rights. Either you take control remotely and do it for him, or you give him the password to a local account which can do that. And then you have to change that password remotely if you don't want him doing admin things willy-nilly. Carl From: David Mazzaccaro [mailto:[email protected]] Sent: Wednesday, April 28, 2010 11:30 AM To: NT System Admin Issues Subject: RE: Software installs on new PCs The question came up about cached credentials. If you have logged into a workstation as an admin, could that potentially be a security risk, as those credentials are stored locally on that machine? _____ From: Carl Houseman [mailto:[email protected]] Sent: Wednesday, April 28, 2010 11:26 AM To: NT System Admin Issues Subject: RE: Software installs on new PCs Shouldn't really matter. Why do you think it would make a difference? Carl From: David Mazzaccaro [mailto:[email protected]] Sent: Wednesday, April 28, 2010 11:19 AM To: NT System Admin Issues Subject: Software installs on new PCs For those that don't use images/GPOs to deploy software to new PCs. When a new computer is going out to a user, how do you install the software + hardware they need? As a local administrator? Domain administrator? Or give the end user's account local admin rights and log in as them, install the stuff they need, then take away admin rights when you hand the machine over? TIA . . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
