Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Symantec AntiVirus Corporate 8.1.1

  • 26-09-2004 6:53pm
    #1
    tech
    Registered Users, Registered Users 2 Posts: 2,860 ✭✭✭


    Ok I have a question

    I have a SBS 2003 server setup with Symantec Antivirus 8.1.1, there is no problems with updates and configuring all the settings, my problem is when I deploy the scanning policies to the client pc's

    All client pc's are running wind xp pro and are members of the domain,

    When I deploy the antivirus from the sever this works fine and all scanning and options I have created come across onto the client pc's but if the user has local admin rights they can disable the antivirus and basically mess with the settings, also if I give the user power users rights the same applies, the only way to stop users interferring with the settings is to give them restricted user rights, but if they only have this access they can't use other progams,

    does anyone know a work around for this problem?


Comments

  • #2
    tech
    Registered Users, Registered Users 2 Posts: 2,860 ✭✭✭tech


    any one got any ideas?


  • #3
    Capt'n Midnight
    Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,567 Mod ✭✭✭✭Capt'n Midnight


    Love the way you need Local Admin rights to run soooo many old programs in XP

    Once they have local admin rights they can do anything they want - that's what admin means. If you could find the reg settings the need rights to then you could just change those permissions with REGEDT32.EXE so they would not need general admin rights but that would be too easy.

    Perhaps you could use the system policy editor - but as admins they would have many, many rights and loads of other ways of screwing up the system. Have a talk with HR - intefering with the AV is probably covered by the employment contract so it's not a technical problem.


  • #4
    tech
    Registered Users, Registered Users 2 Posts: 2,860 ✭✭✭tech


    yeah its a real pain having to give a user local admin rights, it really defents the purpose of permissions if you have to give them admin rights locally, im not to impressed :(


  • #5
    LoLth
    Registered Users, Registered Users 2 Posts: 10,339 ✭✭✭✭LoLth


    have a look at Winlock :)

    lots of schools use it. maybe you need something along the same lines...

    http://www.crystaloffice.com/wlinfo.html


  • #6
    jim_bob
    Registered Users, Registered Users 2 Posts: 379 ✭✭jim_bob


    just go to client Administrator only options then security and click the check box for lock the ability of users to unload symantec antivirus services


  • Advertisement
Advertisement