Overclockers Australia Forums

OCAU News - Wiki - QuickLinks - Pix - Sponsors  

Go Back   Overclockers Australia Forums > Specific Hardware Topics > Business & Enterprise Computing

Notices

Reply
 
Thread Tools
Old 19th October 2015, 10:25 AM   #11446
looktall
Working Class Hero
 
looktall's Avatar
 
Join Date: Sep 2001
Location: brabham.wa.au
Posts: 23,285
Default

Quote:
Originally Posted by PabloEscobar View Post
Code:
If %USERNAME% != "administrator THEN
ERROR "You Must have Administrator Rights to run this program"
You laugh, but this, (or something scarily similar) exists in far to many programs.
we run an application at a few of our sites that will simply not run without local admin permissions.
it doesn't have to be a local user account or be called administrator, but it must be in the local administrators group on the pc.
the gotchya is that i can't be nested inside a security group.
the account must be added directly to the local administrators group or it simply won't load.
the resulting error message is the one you've listed above.

that had me scratching my head for a few minutes when we first set it up with a security group added to the local administrators group.
looktall is online now   Reply With Quote
Old 19th October 2015, 12:37 PM   #11447
hosh0
Member
 
Join Date: May 2007
Location: Sydney N.S.W
Posts: 8,957
Default

Interesting read about data retention.


edit: bah posted this in the wrong tab, might as well leave it here if anyone is interested.
__________________
IRWA (I'd Rather Walk Alone)


In God we trust, all others we virus scan.
hosh0 is offline   Reply With Quote
Old 19th October 2015, 5:18 PM   #11448
millsy_c
Member
 
millsy_c's Avatar
 
Join Date: Mar 2007
Location: Brisbane
Posts: 11,231
Default

If you do the dual account setup foliage, don't forget that local admin even on just a workstation means they can bypass almost all controls that you have in place.

Also make sure you don't give it local admin rights on every machine, and that it does not have the 'log in remotely' rights.
__________________
Quote:
Originally Posted by Luke212 View Post
You are talking like an expert beginner. Talk less and listen more.
millsy_c is offline   Reply With Quote
Old 19th October 2015, 5:21 PM   #11449
NSanity
Member
 
NSanity's Avatar
 
Join Date: Mar 2002
Location: Canberra
Posts: 16,176
Default

Quote:
Originally Posted by hosh0 View Post
Interesting read about data retention.


edit: bah posted this in the wrong tab, might as well leave it here if anyone is interested.
Its not even remotely based on reality.

The author (a mate of mine is a mate of his) has based most of the article from the TIO/ACA FAQ - which isn't remotely close to the generally accepted interpretation of the legislation.

The author has this idea that its like a $3k storage problem "because it only stores your connect/disconnect logs from your dsl connection".

He's so far off base, out of depth and has had the majority of the internet calling him out on his bullshit all day. The dude could have spent 30 minutes trawling AusNog to work out that shit he was spinning was just that - or you know, done some fucken journalism and asked a legal counsel who has anything to do with Telecommunications law in Australia.
NSanity is online now   Reply With Quote
Old 19th October 2015, 6:02 PM   #11450
chip
Member
 
Join Date: Dec 2001
Location: Perth
Posts: 3,364
Default

If I ever suffer a brain damage from a massive head trauma, at least I'll be able to make a living as a Peoplesoft developer.
chip is offline   Reply With Quote
Old 19th October 2015, 6:37 PM   #11451
heydonms
Member
 
Join Date: Sep 2008
Posts: 629
Default

Quote:
Originally Posted by looktall View Post
we run an application at a few of our sites that will simply not run without local admin permissions.
it doesn't have to be a local user account or be called administrator, but it must be in the local administrators group on the pc.
the gotchya is that i can't be nested inside a security group.
the account must be added directly to the local administrators group or it simply won't load.
the resulting error message is the one you've listed above.

that had me scratching my head for a few minutes when we first set it up with a security group added to the local administrators group.
That makes me think that instead of using the standard functions to check whether it is running as an admin, it actually checks the group membership. What's the bet they are referring to it by name instead of by SID? What happens if you rename the administrators group to something else and make a new group called Administrators?
heydonms is offline   Reply With Quote
Old 19th October 2015, 6:47 PM   #11452
Daemon
Member
 
Daemon's Avatar
 
Join Date: Jun 2001
Location: qld.au
Posts: 4,949
Default

Quote:
Originally Posted by NSanity View Post
Its not even remotely based on reality.

The author (a mate of mine is a mate of his) has based most of the article from the TIO/ACA FAQ - which isn't remotely close to the generally accepted interpretation of the legislation.

The author has this idea that its like a $3k storage problem "because it only stores your connect/disconnect logs from your dsl connection".

He's so far off base, out of depth and has had the majority of the internet calling him out on his bullshit all day. The dude could have spent 30 minutes trawling AusNog to work out that shit he was spinning was just that - or you know, done some fucken journalism and asked a legal counsel who has anything to do with Telecommunications law in Australia.
Actually, it's not that far off base at all so your mate has really missed the mark. Those arguing about it clearly haven't read the legislation, nor the detailed FAQ's on the AGD's website. For general IP data, the detail in the article is accurate. Here's the AGD's wording:

Quote:
"The data retention obligations do not require internet access service providers to keep data pertaining to the destination of a communication for internet access services."
The exception is if the ISP offers direct services sich as VOIP and email, which then requires header / session data. It means general browsing or TCP connections to external services do not need to be kept. It's of no use to the government.

AusNOG is a great source for misinformation and bias too, it's no better than Whirlpool. There's massive threads on the data retention laws and there certainly isn't a uniform view on the requirements. A quick read of the archives quickly shows how many wannabe network admins who don't work in the industry miss the mark by a long shot.

Be careful who you get the information from as the level of misinformation is atrocious.
__________________
Fixing the internet... one cloud at a time.
Daemon is offline   Reply With Quote
Old 19th October 2015, 6:56 PM   #11453
millsy_c
Member
 
millsy_c's Avatar
 
Join Date: Mar 2007
Location: Brisbane
Posts: 11,231
Default

It's a concern if the laws are confusing enough to allow so much misinformation to be interpreted from the documentation available.

*edit* I suppose it's to be expected for such a pointless law though
__________________
Quote:
Originally Posted by Luke212 View Post
You are talking like an expert beginner. Talk less and listen more.

Last edited by millsy_c; 19th October 2015 at 7:04 PM.
millsy_c is offline   Reply With Quote
Old 19th October 2015, 7:07 PM   #11454
Daemon
Member
 
Daemon's Avatar
 
Join Date: Jun 2001
Location: qld.au
Posts: 4,949
Default

Quote:
Originally Posted by millsy_c View Post
It's a concern if the laws are confusing enough to allow so much misinformation to be interpreted from the documentation available.
Ever had to read much legislation? It's not all 100% explicit or 100% correct I've had to read and implement a hell of a lot, the data retention bill is no better or worse than most other bills.

Put it this way, the data retention legislation is clear enough that all the leading lawyers specialising in IT have the exact same view on the matter and it aligns with the AGD's view and detailed FAQ's.

Unfortunately, the IT industry has too many cowboys who go off half cocked after spending a few seconds reading something on the Internet and suddenly believe they know it all.
__________________
Fixing the internet... one cloud at a time.
Daemon is offline   Reply With Quote
Old 19th October 2015, 7:17 PM   #11455
millsy_c
Member
 
millsy_c's Avatar
 
Join Date: Mar 2007
Location: Brisbane
Posts: 11,231
Default

Quote:
Originally Posted by Daemon View Post
Ever had to read much legislation? It's not all 100% explicit or 100% correct I've had to read and implement a hell of a lot, the data retention bill is no better or worse than most other bills.

Put it this way, the data retention legislation is clear enough that all the leading lawyers specialising in IT have the exact same view on the matter and it aligns with the AGD's view and detailed FAQ's.

Unfortunately, the IT industry has too many cowboys who go off half cocked after spending a few seconds reading something on the Internet and suddenly believe they know it all.
Well if the lawyers can provide a consistent view on the matter that's a good thing at least.

And yeah fair call there on the clarity of legislation
__________________
Quote:
Originally Posted by Luke212 View Post
You are talking like an expert beginner. Talk less and listen more.
millsy_c is offline   Reply With Quote
Old 20th October 2015, 9:12 AM   #11456
Dre_
Member
 
Join Date: May 2014
Posts: 632
Default

Quote:
Originally Posted by NSanity View Post
Its not even remotely based on reality.

The author (a mate of mine is a mate of his) has based most of the article from the TIO/ACA FAQ - which isn't remotely close to the generally accepted interpretation of the legislation.

He's so far off base, out of depth and has had the majority of the internet calling him out on his bullshit all day.
It's Gizmodo, what do you expect?
Click bait + poorly copy and pasted crap.

Half the time when they copy and paste articles they cut them off mid sentence, etc. So you have to wonder if they can't copy and paste properly, what are the odds they can comprehend anything remotely technical?
Dre_ is offline   Reply With Quote
Old 20th October 2015, 9:31 AM   #11457
PabloEscobar
Member
 
Join Date: Jan 2008
Posts: 9,895
Default

The neckbeards dream (or nightmare) of managing windows servers by SSH is one step closer

http://blogs.msdn.com/b/powershell/a...edirected=true
PabloEscobar is online now   Reply With Quote
Old 20th October 2015, 9:51 AM   #11458
looktall
Working Class Hero
 
looktall's Avatar
 
Join Date: Sep 2001
Location: brabham.wa.au
Posts: 23,285
Default

Quote:
Originally Posted by heydonms View Post
What happens if you rename the administrators group to something else and make a new group called Administrators?
no idea.
not likely to find out either.

it's working the way it is and the pc's that use it are mission critical so i'm not inclined to spend a great deal of time dicking around with it.
looktall is online now   Reply With Quote
Old 20th October 2015, 11:49 AM   #11459
Gunna
Member
 
Gunna's Avatar
 
Join Date: Dec 2001
Location: Brisbane
Posts: 5,354
Default

Quote:
Originally Posted by Foliage View Post
What about in the cases where you really do need local admin eg an it/engineering company, how do you handle that without inhibiting the staff from doing their job. Eg they write software and have to download specific programs daily

Other than local anti virus/firewall and good vlans what else do you do . Sandbox each pc?
No one apart from myself has local admin rights to their workstations. Any users that require a specific application to run as admin is granted full rights to the .exe and supported required files. Can be a pain in the ass to get right but I have our Australian CEO all the way down to our warehouse guys using specific 3rd party supplied software locked down without admin access. Granted we use little 2rd party software and most of our tools are SAP or web based so it's a little easier.

Quote:
Originally Posted by heydonms View Post
What happens if you rename the administrators group to something else and make a new group called Administrators?
I'd say that's going to break some shit elsewhere though. Windows will use the SID of the group to identify it however other applications may have a fit when checking for permission levels.
Gunna is online now   Reply With Quote
Old 21st October 2015, 6:49 AM   #11460
JumpingJack
Member
 
Join Date: Jun 2002
Posts: 248
Default

New building
Someone made the decision and installed cheap nasty cat5e
Its too late....
JumpingJack is offline   Reply With Quote
Reply

Bookmarks

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +10. The time now is 1:21 PM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
OCAU is not responsible for the content of individual messages posted by others.
Other content copyright Overclockers Australia.
OCAU is hosted by Micron21!