Hi Walter,
Walter Cook wrote:
Most of these devices are locked down pretty tight. Users cannot run the SDAT because it requires admin access.
I can make files available to them but I have to have a method that can be accomplished with User Only Access.
Well, since they are really locked down pretty tight, you may want to consider this strategy:
1) Login to the PC as Admin (administrator rights, elevated if Vista or up)
2) Schedule a job to run periodically (say every hour or so) that runs a batch file. The credentials of the job needs to be the Admin (rights) account.
If this is Vista or up, you may need to disable UAC for this to work.
3) Create a batch file, (used in the scheduled job,) that runs the sdatxxxx.exe file. Upon Successful completion of sdatxxxx.exe, the batch job deletes sdatxxxx.exe. This way the batch file simply exits out if the sdatxxxx.exe is not present, at the next scheduled run.
If this is Vista or up, you may need to disable UAC for this to work.
4) Using the directory defined in your batch file above, copy sdatxxxx.exe to that directory. Then Wait for the next scheduled run. The method of copy can be via USB flash drive, CD, DVD, whatever is available. This can be done by the user at a later time, without Admin rights.
I would recommend a check of the sdatxxxx.exe file for a proper and valid signature to ensure the file is not itself infected or altered. I use Sigcheck.exe from http://technet.microsoft.com/en-US/sysinternals to check the signatures of these files.
Hope this helps.
Ron Metzger
Thanks,
Ron Metzger
Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
You Deserve an Award
