Archive for January, 2007

AD Group Scripts

Friday, January 5th, 2007

LUA Least Privilege to User Accounts

Monday, January 1st, 2007

Few years back, I was working in development center. Every developer wanted to have full system rights to install everything they want. End result was lots of system failures, viruses, Trojans & what not on the network.

Giving users limited access to system by making sure all application functionality work was a difficult task. At that time I read few articles on the topic. (Read my comments & input on the topic at the bottom of these articles)

Keys to the Kingdom – http://mcpmag.com/articles/2003/10/28/keys-to-the-kingdom.aspx

Local Admin Rights, Right or Wrong – http://mcpmag.com/articles/2003/11/11/local-admin-rights-right-or-wrong.aspx

Since then Microsoft has done a lot of development in making sure applications work with limited-user access. Least-Privilege to User Accounts (LUA) has benefits of increased security, manageability, productivity, reduced cost & reduced privacy.

Check these articles for more details on the topic.

  1. Applying the Principle of Least Privilege to User Accounts on Windows XP
  2. Using a Least-Privileged User Account
  3. Browsing the Web and Reading E-mail Safely as an Administrator
  4. Running with Special Privileges
  5. Aaron Margosis’ Non-Admin Blog
  6. levating privileges for an administrator