On 12/11/2015 02:24 PM, Gert Doering wrote: > Hi, > > On Fri, Dec 11, 2015 at 11:08:16AM -0500, Selva Nair wrote: >> On Fri, Dec 11, 2015 at 6:51 AM, Gert Doering <g...@greenie.muc.de> wrote: >> >>> We had vetos on this in the past (because we want to go for the iService), >>> but for 2.3, I would welcome such a change - it will not get the iService >>> functionality (too intrusive on the OpenVPn side), so the counterargument >>> is somewhat moot. >> >> I suppose, both of these comments refer to running openvpn.exe as admin >> by default. >> >> The test I posted was of requiring admin for the GUI itself (IMO, a bad >> idea). >> I just assumed requiring admin for openvpn.exe (though a better idea) would >> be vetoed at multiple levels. > > Actually this is what people do today (set the shortcut to the gui to > "[X] run as admin") to work around the permission issues. > > Never thought of doing this for openvpn.exe, though. But then, I won't > claim to understand the intricacies of windows permission control and > UAC.
On Windows, I personally tend to use the OpenVPN service and if/when I need a user to control the said service, I use "subinacl" as described in solution #1 here: http://openvpn.se/files/howto/openvpn-howto_run_openvpn_as_nonadmin.html This have worked pretty well for my few users. Simon
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
