Route.exe and permissions 1

[SnoopFrogg]

I need to perform the following commands when a domain user logs on:

route add 0.0.0.0 mask 0.0.0.0 172.16.0.1 metric 1
route add 10.0.0.0 mask 255.0.0.0 172.16.0.11 metric 2

I've tried using a logon script via Active Directory and tried using a logon script via Group Policy but an error is returned indicating the user does not have sufficient permission to delete and add routes:


C:\>route add 0.0.0.0 mask 0.0.0.0 172.16.0.1 metric 1
The route addition failed: Network access is denied.

C:\>route add 10.0.0.0 mask 255.0.0.0 172.16.0.11 metric 2
The route addition failed: Network access is denied.


The user does not have elevated permissions (they are a domain user and not a power user or local administrator).

If I make them a local administrator, the logon scripts work correctly. Can I modify permissions at a more granular level and allow them to run the above route.exe commands?

[purple]
SnoopFrogg
MCSA+Security - Windows Server 2003
[/purple]

 

[linney]

HOW TO: Work with Scheduled Tasks on Remote Computers in Windows XP

http://support.microsoft.com/kb/310424/en-us?FR=1&PA=1&SD=HSCH

Setting user credentials. (Scheduled Tasks).

When you create a task, you are asked to provide a user name and a password. This provides a more secure way for you to manage the tasks that run on your computer. Different users of a single computer can each have their own scheduled tasks.

Once a user name is set, another user cannot cancel or delete the task unless the user has the correct permissions.



Need help - how do I make a program run as administrator?
thread779-559819



Cannot Configure Scheduled Tasks to Use System Account

http://support.microsoft.com/kb/223375/en-us?FR=1&PA=1&SD=HSCH

http://www.palmersoft.co.uk/main.asp?content=runasuser

Scripting question
thread779-1134826

 

[SnoopFrogg]

Great idea! Tried it and it worked!

[purple]
SnoopFrogg
MCSA+Security - Windows Server 2003
[/purple]