Hello Mike,
Not that I am aware for that situation.
Thanks,
Darrell Gorter[MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights
--------------------
|> Thread-Topic: Device Installation - Elevated Privileges
|> thread-index: AchuHLgKTse8Vw2BQ6CeU2imlnZN6g==
|> X-WBNR-Posting-Host: 62.244.189.242
|> From: =?Utf-8?B?TWlrZSBEb3dlcg==?= <
[email protected]>
|> References: <
[email protected]>
<
[email protected]>
|> Subject: RE: Device Installation - Elevated Privileges
|> Date: Wed, 13 Feb 2008 00:45:00 -0800
|> Lines: 98
|> Message-ID: <
[email protected]>
|> MIME-Version: 1.0
|> Content-Type: text/plain;
|> charset="Utf-8"
|> Content-Transfer-Encoding: 7bit
|> X-Newsreader: Microsoft CDO for Windows 2000
|> Content-Class: urn:content-classes:message
|> Importance: normal
|> Priority: normal
|> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
|> Newsgroups:
microsoft.public.windows.vista.administration_accounts_passwords
|> Path: TK2MSFTNGHUB02.phx.gbl
|> Xref: TK2MSFTNGHUB02.phx.gbl
microsoft.public.windows.vista.administration_accounts_passwords:8671
|> NNTP-Posting-Host: tk2msftibfm01.phx.gbl 10.40.244.149
|> X-Tomcat-NG:
microsoft.public.windows.vista.administration_accounts_passwords
|>
|> Hi Darrell,
|>
|> Thanks for getting back to me......we actually restrict device
installation
|> through the Device Installation GPO and block users installing devices
such
|> as USB Keys, External HDDs etc as a way of locking down our desktops, so
I
|> wouldn't want to grant users access to install Drivers in this way
|>
|> My question was just that if I am going to a users desktop and saying
'ok,
|> you can use this device' is there a way of me just entering my Admin
username
|> and password once and the elevated priviliges being applied to all
subsequent
|> driver installs for that device at that time? Rather than the being
promopted
|> to enter my logon each time a differn't component of the device needs to
|> downlod and install a driver?
|>
|> Thanks again
|>
|> Mike
|>
|> ""Darrell Gorter[MSFT]"" wrote:
|>
|> > Hello Mike,
|> > You can use Group Policy to change this setting.
|> > MMC.exe, load snap-in, Group Policy, Local machine.
|> >
|> > Local Computer Policy
|> > -Windows Settings
|> > - - Security Settings
|> > - - - Local Policies
|> > - - - - User Rights Assignment
|> > - - - - - Load and unload device drivers
|> >
|> > This user right determines which users can dynamically load and unload
|> > device drivers or other code in to kernel mode. This user right does
not
|> > apply to Plug and Play device drivers. It is recommended that you do
not
|> > assign this privilege to other users.
|> > Caution
|> > Assigning this user right can be a security risk. Do not assign this
user
|> > right to any user, group, or process that you do not want to take over
the
|> > system.
|> > Default on workstations and servers: Administrators.
|> >
|> > Thanks,
|> > Darrell Gorter[MSFT]
|> >
|> > This posting is provided "AS IS" with no warranties, and confers no
rights
|> > --------------------
|> > |> Thread-Topic: Device Installation - Elevated Privileges
|> > |> thread-index: AchtmxdrcPQDeEMKRuKxpKeDsyKiOw==
|> > |> X-WBNR-Posting-Host: 62.244.189.242
|> > |> From: =?Utf-8?B?TWlrZSBEb3dlcg==?=
<
[email protected]>
|> > |> Subject: Device Installation - Elevated Privileges
|> > |> Date: Tue, 12 Feb 2008 09:17:06 -0800
|> > |> Lines: 18
|> > |> Message-ID: <
[email protected]>
|> > |> MIME-Version: 1.0
|> > |> Content-Type: text/plain;
|> > |> charset="Utf-8"
|> > |> Content-Transfer-Encoding: 7bit
|> > |> X-Newsreader: Microsoft CDO for Windows 2000
|> > |> Content-Class: urn:content-classes:message
|> > |> Importance: normal
|> > |> Priority: normal
|> > |> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
|> > |> Newsgroups:
|> > microsoft.public.windows.vista.administration_accounts_passwords
|> > |> Path: TK2MSFTNGHUB02.phx.gbl
|> > |> Xref: TK2MSFTNGHUB02.phx.gbl
|> > microsoft.public.windows.vista.administration_accounts_passwords:8650
|> > |> NNTP-Posting-Host: tk2msftibfm01.phx.gbl 10.40.244.149
|> > |> X-Tomcat-NG:
|> > microsoft.public.windows.vista.administration_accounts_passwords
|> > |>
|> > |> Hi, I have a quesiton which has been bugging me since we rolled out
|> > Vista to
|> > |> our desktops almost a years ago....
|> > |>
|> > |> Whenever I have to go to a users PC to install a new device (USB
Storage
|> > Key
|> > |> for example) I usually have to spend about 10 minutes there as the
|> > Elevated
|> > |> Privileges dialoge box will pop up several times, as each component
of
|> > the
|> > |> device tries to install itself...
|> > |>
|> > |> Is there any way to set this up so that when you apporve a device
for
|> > |> installation, all the drivers and components for that device are
also
|> > |> approved for install - it's quite frustratring having to spend 10
|> > minutes
|> > |> doing a task which should take 30 seconds!
|> > |>
|> > |> Thanks in advance for any help/advice
|> > |>
|> > |> Mike Dower
|> > |> Sys admin - Ministry of Sound
|> > |>
|> > |>
|> >
|> >
|>