Step-by-step guide: Elevating privileges for an administrator

Administrators, of course, have a legitimate need to run as admin, but they don't need to do everything as admin all the time. Unfortunately, Windows only accommodates one security level at a time. Running as admin all the time opens up some unnecessary security risks.

Not that using limited user accounts are a "silver bullet" for all security concerns. Limited user accounts, or LUAs, will help mitigate the risk of malware that depends on admin privileges. LUAs will not prevent any of the following dangers:

• Anything you can do to yourself
• Weak admin passwords
• Attacks on services
• Phishing
• Stupidity

That said, administrators need to know how to elevate privileges as needed. Fast User switching is the best way (see Serdar Yegulalp's article on Fast User Switching), but it is not available in a corporate domain environment.

That leaves us a few other options.

Elevating privileges for administrators

 Home: Introduction
 Step 1: RunAs dialog
 Step 2: RunAs command line
 Step 3: Differentiating security levels
 Step 4: MakeMeAdmin
 Step 5: Caveats
 Step 6: Resources

ABOUT THE AUTHOR:

Aaron Margosis is a Senior Consultant with Microsoft Consulting Services, focusing on US Federal government customers. He specializes in application development on Microsoft platforms and products with an emphasis on application and platform security. Aaron has blogged extensively about how to run Windows as a non-admin, and created the popular MakeMeAdmin and PrivBar utilities. Aaron holds Bachelors and Masters Degrees from the University of Virginia, and calls Arlington, VA, home. Copyright 2005 TechTarget

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT User passwords and network permissions 20 days to a more secure enterprise Eight is too many characters for strong passwords Nine common password oversights to avoid Secure your Windows systems with proper password practices Managing multiple passwords in Windows Windows desktop endpoint security challenges podcast series How to strike a balance between Windows security and business needs Managing single sign-on security burdens in Windows Build secure computer password policies Remote user security checklist Microsoft Windows XP Pro Guide to converting from Windows XP to Windows 7 Top 5 registry keys for Windows XP Manage the desktop image lifecycle to limit work, ensure security Secure Windows XP before a Windows 7 upgrade Microsoft's August patches run the gamut Hold on to Windows XP at your peril XP stragglers blame hardware costs, new features Your questions answered: The Windows 7 upgrade quandary Windows Vista users get little pricing relief on Windows 7 Vista shops eye quick path to Windows 7, XP shops likely to resist

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary key-value pair  (SearchEnterpriseDesktop.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary