Vista Forums - View Single Post - How to give non-admin user ability to chkdsk drive?

permalink · 06-24-2008

Command-line utilities can be run from standard user without prompts if the
application is given a manifest assigning highestAvailable. Unfortunately,
this may also not give the results you want...
The higher privileged application will open in a separate "DOS" window and
close without providing the user an opportunity to read any information
presented. ChkDsk can be assigned in this method to run on the next boot
where the information will be provided to the user, or the logfile that
ChkDsk could be reviewed after running, but no protected area sectors can be
repaired while run from a standard user.

Again, this is probably not what you wanted.
Easier would be to setup ChkDsk to run each boot by marking the disk as
"dirty" during network initialization.
Again, missing the concept. You want to provide the standard user the
ability to run certain applications while running Windows.

I don't think that exists. Nor did it exist in prior versions. (They were
simply running as administrator and you restricted those functions you did
not want to give to them.)

"Dave R." <dwragle (at) drbsystems (dot) com> wrote in message
news:OUHyEef1IHA.2292@xxxxxx

Quote:

>
> "Bruce Chambers" <bchambers@xxxxxx> wrote in message
> news:uQT2Hba1IHA.2384@xxxxxx

Quote:

>> Dave R. wrote:

Quote:

>>>
>>>
>>> That's what I was afraid of. Any idea why this would be restricted to
>>> administrators only?
>>>

>>
>> Because only administrators should have file system level access to the
>> contents of the hard drive; it's not something regular users should ever
>> have to do.
>>
>>

>
> The problem with that approach is that it lacks granularity in privilige
> assignment. Just because a user can be trusted to do some aspects of
> system administration does not necessarily mean they can be trusted to
> perform all aspects of system administration. Yet, in this case (and
> others I keep running across), I cannot separate the ability to do a
> simple disk check from the ability to do ALL administrative tasks.
>
> We are trying to put into place a concept of a "System Maintainer" -
> someone who can handle many aspects of system maintenance, but doesn't
> have the keys to the kingdom as it were. Unfortunately, we are being
> thwarted by the security model built into Windows. If anyone has any
> ideas on how to approach this in a Windows (specifically, Vista)
> environment, I'm all ears.
>
> Regards,
>
> Dave
>

06-24-2008	#8 (permalink)
Mark n/a posts	Re: How to give non-admin user ability to chkdsk drive? Command-line utilities can be run from standard user without prompts if the application is given a manifest assigning highestAvailable. Unfortunately, this may also not give the results you want... The higher privileged application will open in a separate "DOS" window and close without providing the user an opportunity to read any information presented. ChkDsk can be assigned in this method to run on the next boot where the information will be provided to the user, or the logfile that ChkDsk could be reviewed after running, but no protected area sectors can be repaired while run from a standard user. Again, this is probably not what you wanted. Easier would be to setup ChkDsk to run each boot by marking the disk as "dirty" during network initialization. Again, missing the concept. You want to provide the standard user the ability to run certain applications while running Windows. I don't think that exists. Nor did it exist in prior versions. (They were simply running as administrator and you restricted those functions you did not want to give to them.) "Dave R." <dwragle (at) drbsystems (dot) com> wrote in message news:OUHyEef1IHA.2292@xxxxxx Quote: > > "Bruce Chambers" <bchambers@xxxxxx> wrote in message > news:uQT2Hba1IHA.2384@xxxxxx Quote: >> Dave R. wrote: Quote: >>> >>> >>> That's what I was afraid of. Any idea why this would be restricted to >>> administrators only? >>> >> >> Because only administrators should have file system level access to the >> contents of the hard drive; it's not something regular users should ever >> have to do. >> >> > > The problem with that approach is that it lacks granularity in privilige > assignment. Just because a user can be trusted to do some aspects of > system administration does not necessarily mean they can be trusted to > perform all aspects of system administration. Yet, in this case (and > others I keep running across), I cannot separate the ability to do a > simple disk check from the ability to do ALL administrative tasks. > > We are trying to put into place a concept of a "System Maintainer" - > someone who can handle many aspects of system maintenance, but doesn't > have the keys to the kingdom as it were. Unfortunately, we are being > thwarted by the security model built into Windows. If anyone has any > ideas on how to approach this in a Windows (specifically, Vista) > environment, I'm all ears. > > Regards, > > Dave >
My System Specs