For my classes, I build a machine with all the necessary tools, including the current version of the Best Practices Analyzer. We then create a Norton Ghost image of this machine. The ghost image is restored to each classroom machine. I run a program to change the machine name, its IP address and randomize the machine's SID. Then I join the machine to the domain. All the installed software is available to the logged in user (Office, SQL Server 2000, SQL Server 2005, etc.) except BPA. Note that when I built the machine that was the source of the Ghost image, I logged in as each user and set up Outlook Express profiles and Office Profiles. When any user other than the user who installed BPA tries to run it, it issues a message that BPA must be installed. If I change the executable to run as the user who installed it, it works. But I can't find any way to make this change "generic". For example, as a local administrator, I install BPA. Then I log in to Windows as User15. I change BPA to run as administrator. It works for User15. But if I subsequently log in on that machine as User16, BPA still gives the "must be installed" message.
All of the student logins are local administrators, and the Administrators group has full control access to the BPA executable.
How do I fix this?
Thanks,
Sharon
Put the shortcut for BPA in the everyone document folder?
It sounds like a chain of custody control issue, if you log in as user16, you can not use a program installed by user15? If the program requires admin priv, then all users of the program must be admin?
This of course assumes that you really are the admin on the machine and not a "virtual admin" associated with some sys protection programs out there (and viruses of course)?
Have fun :)
No comments:
Post a Comment