Core business application that will only run when logged into PC as an administrator

I am about to take on a new customer. They have some issues that I want to address before agreeing on a monthly support arrangement.

The main issue that they have is that they have an application that will not run properly unless the user has admin rights.

The PCs are running either Windows 7 or 8.1.

According to the staff there, the application will not run if you try to "run as administrator" . The user themselves have to be local admins on the PCs. The network is a peer to peer set up with no server.

This obviously causes issues. We are pressurizing the software vendor to resolve the issue and my customer is unable to use an alternative.

I have to find some way of securing these PCs whilst still allowing access to the troublesome system.

I thought that maybe hosting the application on a RDS server might be one solution. Perhaps an Azure VM. Just publishing the Application.

Does anyone have any thoughts on this option or do you have other ideas?

Thanks



You can add rights (for nonadmin user) (full) to directory where application are installed. And for the same user in regedit add full rights for hklmsoftwareapps - where apps is name your application.
Reboot system and try to run application on nonadmin user



You can add rights (for nonadmin user) (full) to directory where application are installed. And for the same user in regedit add full rights for hklmsoftwareapps - where apps is name your application.
Reboot system and try to run application on nonadmin user



Hi.

The vendor should be able to answer in a very short time - why don't you have his answer yet :) ?
Isolating the application to a shared remote system where the users would get admin rights is not the best idea. If they are admin, they can easily spy on one another, that would require real security skills to prevent that. Isolating it to a VDI environment ("each user gets his 'own' VM") would be the solution.

If you keep it simple, without virtualization or remote publishing, you would need a 3rd party software. Beyondtrust's software powerbroker can isolate applications so that granting full rights securely for just one application would become a (costly) option. http://www.beyondtrust.com/Products/PowerBrokerforWindows/



Thanks for the advice. I will try your suggestion kola12. If that doesnt work then I suppose powerbroker is an option. It is pricey and the minimum licenses they sell is 25. I only need 14 but it is an option if I need it.

Thanks



Roy, don't forget to give feedback if that solved your problem. Normally, you would try the suggestion first and then select it as answer.



Share this

Related Posts

There was an error in this gadget