I am a System Administrator and I need ability to run updates (for instance) in an administrator security context but using a logon script. It was suggested that I create a program and make it an NT service that will run on each workstation. The thing is, I'm VB programming illiterate. Here's how I see it working. Can you help???
I will install this service (or program turned into a service) on each workstation in my domain and set it to run automatically and set it to use the "Administrator" account and password. This program/service will check a specified folder every 30 minutes (or whenever) for the presence of a file called "updates.cmd" and if it finds it it will run it. After it execute's the updates.cmd file, it should rename or delete it.
Then, in my logon script when needed, I can deploy an "updates.cmd" file which will be a little script for copying files or running updates and service packs or whatever I need to do under an administrative security context to keep my workstations updated.
AWESOME! I'm excited about it if it will work.
What do you think? I'm open to other suggestions.
I realize it poses a security issue, because if anyone figures out that they can create a file called updates.cmd and put it in this particular folder, it will run with admin rights, and that is a problem. I think as long as the updates.cmd file is run soon after it arrives and is deleted right after it is done, hopefully that will keep those users who know too much for their own good from figuring it out or putting two and two together.
Can you code for me? :^)
I will install this service (or program turned into a service) on each workstation in my domain and set it to run automatically and set it to use the "Administrator" account and password. This program/service will check a specified folder every 30 minutes (or whenever) for the presence of a file called "updates.cmd" and if it finds it it will run it. After it execute's the updates.cmd file, it should rename or delete it.
Then, in my logon script when needed, I can deploy an "updates.cmd" file which will be a little script for copying files or running updates and service packs or whatever I need to do under an administrative security context to keep my workstations updated.
AWESOME! I'm excited about it if it will work.
What do you think? I'm open to other suggestions.
I realize it poses a security issue, because if anyone figures out that they can create a file called updates.cmd and put it in this particular folder, it will run with admin rights, and that is a problem. I think as long as the updates.cmd file is run soon after it arrives and is deleted right after it is done, hopefully that will keep those users who know too much for their own good from figuring it out or putting two and two together.
Can you code for me? :^)
