Tomasz Chmielewski wrote: > Allowing your users to logon with administrative powers is a very, very > bad security practice. This may be the case, but unfortunately users tend to get very upset when they don't have administrative access, sometimes for bad reasons (I want to be able to install software on my own), sometimes for good reasons (I want to be able to take my laptop home and configure it to work on my home network). There is still some broken Windows software applications that will not run without administrative access (e.g. fax/scanner software for HP7410 fax/scanner/printer from memory). In fact, last year we got a brand new Windows Vista machine from Sony, and on logging in a program required for video conferencing requests administration access. I am not sure exactly what this process does, but the on board camera didn't seem to work without it. Or the automatic updates program from HP which runs apparently on random even when the user doesn't have administration access and then complains loudly that the user isn't using it correctly. This is the debate that continues throughout my work place. If we make one exception, we can others demand it too. We have considered giving users a special account which they rarely use for administration tasks, but in practise we would expect many people just to use that account on a regular basis. Brian May |