You appear to be right, just tried it and no joy. This is a real pain in the backside for me and is going to be one of those ways that end-users end up with administrative rights - in this case, not on their local machines, but on a terminal server. Unfortunately I can't see any way around it other than writing some sort of custom "admin wrapper" that lets a program execute like RunAs but without allowing any access to the password.
If anyone else has any ideas or tips I'd be glad to hear them :-) 2008/8/7 Krishna Reddy <[EMAIL PROTECTED]> > I don't think so. I believe that local groups are evaluated at login. > > > Thanks, > > > > Krishna Reddy > IT Manager > Nucomm, Inc. > > > ------------------------------ > *From:* James Rankin [mailto:[EMAIL PROTECTED] > *Sent:* Thursday, August 07, 2008 9:44 AM > *To:* NT System Admin Issues > *Subject:* Re: Access token update > > Thought about that, but they would have to have access to the admin > password, which makes it kind of a non-starter > > Having said that, if a user is already a member of a group, if they are > logged in, and you add their existing group to local Administrators, will > they pick up admin rights without logging off? > > 2008/8/7 Ken Schaefer <[EMAIL PROTECTED]> > >> Runas? >> >> >> >> Cheers >> >> Ken >> >> >> >> *From:* James Rankin [mailto:[EMAIL PROTECTED] >> *Sent:* Thursday, 7 August 2008 8:58 PM >> *To:* NT System Admin Issues >> *Subject:* Access token update >> >> >> >> Is there any way to update a Windows user's access token without logging >> off? I have some really ancient export function that seems to require >> administrator rights to run successfully, but my users will receive a >> different desktop (i.e. without any of their applications) if they have to >> log out and back in when they are given elevated rights. My research seems >> to indicate that the answer to this is a resounding no, but I am hoping >> someone knows something I don't :-) >> >> TIA, >> JRR >> >> > > > > > > > > The information contained in this email and attachments to this email are > the proprietary and confidential property > of Nucomm, Inc. The information is provided in strict confidence and shall > not be reproduced, copied, or > used (partially or wholly) in any manner without prior, express written > authorization of Nucomm, Inc. > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
