Vista Forums - View Single Post - How to give non-admin user ability to chkdsk drive?

permalink · 06-25-2008

Thanks for the constructive reply, Mark. I'll take a closer look at
your suggestions and ideas and see if they can get me where I want to
go.

Regards,

Dave

"Mark" <jmhonzell@xxxxxx> wrote in message
news:B45B8D1E-59F0-4918-A1AA-12D4258D01F6@xxxxxx

Quote:

> Command-line utilities can be run from standard user without prompts
> if the application is given a manifest assigning highestAvailable.
> Unfortunately, this may also not give the results you want...
> The higher privileged application will open in a separate "DOS" window
> and close without providing the user an opportunity to read any
> information presented. ChkDsk can be assigned in this method to run on
> the next boot where the information will be provided to the user, or
> the logfile that ChkDsk could be reviewed after running, but no
> protected area sectors can be repaired while run from a standard user.
>
> Again, this is probably not what you wanted.
> Easier would be to setup ChkDsk to run each boot by marking the disk
> as "dirty" during network initialization.
> Again, missing the concept. You want to provide the standard user the
> ability to run certain applications while running Windows.
>
> I don't think that exists. Nor did it exist in prior versions. (They
> were simply running as administrator and you restricted those
> functions you did not want to give to them.)
>
> "Dave R." <dwragle (at) drbsystems (dot) com> wrote in message
> news:OUHyEef1IHA.2292@xxxxxx

Quote:

>>
>> "Bruce Chambers" <bchambers@xxxxxx> wrote in message
>> news:uQT2Hba1IHA.2384@xxxxxx

Quote:

>>> Dave R. wrote:
>>>>
>>>>
>>>> That's what I was afraid of. Any idea why this would be restricted
>>>> to administrators only?
>>>>
>>>
>>> Because only administrators should have file system level access to
>>> the contents of the hard drive; it's not something regular users
>>> should ever have to do.
>>>
>>>

>>
>> The problem with that approach is that it lacks granularity in
>> privilige assignment. Just because a user can be trusted to do some
>> aspects of system administration does not necessarily mean they can
>> be trusted to perform all aspects of system administration. Yet, in
>> this case (and others I keep running across), I cannot separate the
>> ability to do a simple disk check from the ability to do ALL
>> administrative tasks.
>>
>> We are trying to put into place a concept of a "System Maintainer" -
>> someone who can handle many aspects of system maintenance, but
>> doesn't have the keys to the kingdom as it were. Unfortunately, we
>> are being thwarted by the security model built into Windows. If
>> anyone has any ideas on how to approach this in a Windows
>> (specifically, Vista) environment, I'm all ears.
>>
>> Regards,
>>
>> Dave
>>

>

06-25-2008	#10 (permalink)
Dave R. n/a posts	Re: How to give non-admin user ability to chkdsk drive? Thanks for the constructive reply, Mark. I'll take a closer look at your suggestions and ideas and see if they can get me where I want to go. Regards, Dave "Mark" <jmhonzell@xxxxxx> wrote in message news:B45B8D1E-59F0-4918-A1AA-12D4258D01F6@xxxxxx Quote: > Command-line utilities can be run from standard user without prompts > if the application is given a manifest assigning highestAvailable. > Unfortunately, this may also not give the results you want... > The higher privileged application will open in a separate "DOS" window > and close without providing the user an opportunity to read any > information presented. ChkDsk can be assigned in this method to run on > the next boot where the information will be provided to the user, or > the logfile that ChkDsk could be reviewed after running, but no > protected area sectors can be repaired while run from a standard user. > > Again, this is probably not what you wanted. > Easier would be to setup ChkDsk to run each boot by marking the disk > as "dirty" during network initialization. > Again, missing the concept. You want to provide the standard user the > ability to run certain applications while running Windows. > > I don't think that exists. Nor did it exist in prior versions. (They > were simply running as administrator and you restricted those > functions you did not want to give to them.) > > "Dave R." <dwragle (at) drbsystems (dot) com> wrote in message > news:OUHyEef1IHA.2292@xxxxxx Quote: >> >> "Bruce Chambers" <bchambers@xxxxxx> wrote in message >> news:uQT2Hba1IHA.2384@xxxxxx Quote: >>> Dave R. wrote: >>>> >>>> >>>> That's what I was afraid of. Any idea why this would be restricted >>>> to administrators only? >>>> >>> >>> Because only administrators should have file system level access to >>> the contents of the hard drive; it's not something regular users >>> should ever have to do. >>> >>> >> >> The problem with that approach is that it lacks granularity in >> privilige assignment. Just because a user can be trusted to do some >> aspects of system administration does not necessarily mean they can >> be trusted to perform all aspects of system administration. Yet, in >> this case (and others I keep running across), I cannot separate the >> ability to do a simple disk check from the ability to do ALL >> administrative tasks. >> >> We are trying to put into place a concept of a "System Maintainer" - >> someone who can handle many aspects of system maintenance, but >> doesn't have the keys to the kingdom as it were. Unfortunately, we >> are being thwarted by the security model built into Windows. If >> anyone has any ideas on how to approach this in a Windows >> (specifically, Vista) environment, I'm all ears. >> >> Regards, >> >> Dave >> >
My System Specs