Does anyone know of any tool that is able to analyze applications during execution and report if the application really requires administrative rights? My environment here is such that over 1K PCs have been discovered to have business users with administrative rights.

Answers

Process Monitor: http://www.microsoft.com/technet/sysinternals/SystemInformation/processmonitor.mspx
One of the best tools out there for this.

It will monitor all activity, registry and file etc., and will catch those read/write executions.

The best method to do this will be to log on as a standard user, perform a runas on Process Monitor as an administrator (it requires admin rights to run). Then you run your application as the standard user and when you get error messages from the app, you look at the log to see what the item in question was.
Answered 06/06/2007 by: Chipster
Blue Belt

The status you're after is "Access Denied"
Answered 06/07/2007 by: AngelD
Red Belt

Thanks for all your replies. I think I am a bit ambitious with the product I require and probably ambiguous with my request.
I am not looking for a FileMon-, RegMon-, or ProcMon-type application. I want something which is able to run an agent on all systems in the enterprise and report back on applications which require administrative privileges in order to execute. Procmon could then be used to track which parts of the system the application requires RW etc. access to.

Thanks for all your responses. Please keep them coming.
Answered 06/07/2007 by: oofemioo
Blue Belt

Sounds like you should just set up a test machine with all of the corporate software on it and monitor it. I think it would be much easier than what I think you're asking. Procmon will tell you the app that's getting access denied. It should give you what you're looking for.
Answered 10/05/2007 by: Drye
Senior Yellow Belt
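
Filtering a Process Monitor capture for the "Access Denied" status mentioned in the answers, as an added example that is not part of the original thread. It assumes the capture was saved as CSV with Procmon's default columns; the function names, process names and sample rows are constructed for illustration.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed sample shaped like a Process Monitor CSV export with the
# default columns; process names and paths are made up for illustration.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"9:14:02.10","legacyapp.exe","3120","RegOpenKey","HKLM\SOFTWARE\ExampleVendor","SUCCESS","Desired Access: Read"
"9:14:02.11","legacyapp.exe","3120","RegCreateKey","HKLM\SOFTWARE\ExampleVendor\Settings","ACCESS DENIED","Desired Access: All Access"
"9:14:02.30","legacyapp.exe","3120","CreateFile","C:\Program Files\ExampleVendor\app.log","ACCESS DENIED","Desired Access: Generic Write, Read Attributes, Disposition: OpenIf"
"9:14:02.31","legacyapp.exe","3120","CreateFile","C:\Program Files\ExampleVendor\app.log","ACCESS DENIED","Desired Access: Generic Write, Read Attributes, Disposition: OpenIf"
"9:14:03.02","explorer.exe","1544","RegOpenKey","HKLM\SYSTEM\Example","ACCESS DENIED","Desired Access: Write"
'''

# Captures the access list up to the next "Name:" field in the Detail column.
ACCESS_RE = re.compile(r"Desired Access: (.*?)(?:, [A-Z][\w ]*:|$)")


def desired_access(detail):
    """Pull the requested access rights out of a Detail cell ('' if absent)."""
    m = ACCESS_RE.search(detail or "")
    return m.group(1) if m else ""


def denied_by_process(csv_text, process_names=None):
    """Return {process: {path: [(operation, desired access), ...]}} for ACCESS DENIED rows."""
    wanted = {n.lower() for n in process_names} if process_names else None
    report = defaultdict(lambda: defaultdict(set))
    # Strip a leading byte-order mark so the first header name matches.
    reader = csv.DictReader(io.StringIO(csv_text.lstrip("\ufeff")))
    for row in reader:
        if (row.get("Result") or "").strip().upper() != "ACCESS DENIED":
            continue
        proc = (row.get("Process Name") or "").strip()
        if wanted is not None and proc.lower() not in wanted:
            continue
        # A set collapses the repeated retries an application often makes.
        report[proc][row.get("Path") or ""].add(
            (row.get("Operation") or "", desired_access(row.get("Detail"))))
    return {p: {path: sorted(ops) for path, ops in paths.items()}
            for p, paths in report.items()}


if __name__ == "__main__":
    for proc, paths in denied_by_process(SAMPLE_CSV).items():
        for path, ops in paths.items():
            print(proc, path, ops)
```

Passing the application's executable name as `process_names` drops denials from unrelated processes such as the shell, which are normal for a standard user.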
