How to give non-admin user ability to chkdsk drive?

26-06-2008, 03:10 PM

"Bruce Chambers" <bchambers@cable0ne.n3t> wrote in message
news:.gbl...
> Dave R. wrote:
>>
>>
>> We are trying to put into place a concept of a "System Maintainer" -
>> someone who can handle many aspects of system maintenance, but
>> doesn't have the keys to the kingdom as it were.
>
>
> Part of the problem is that, for some reason, you're mistakenly
> thinking of Chkdsk as some sort of routine maintenance tool.

No, I'm not. I'm thinking that *some* aspects of system administration
can be handled by *some* users who have *some*, but not all, of the
rights/privileges of system administrators.

> It isn't. It's designed to find and correct problems with the hard
> drive (limited, to be sure) and the file system.

I'm fully aware of chkdsk's purpose and usage, thanks.

> It has no preventative value, at all.

I'm not looking for "preventative value".

> All it's routine periodic use would do is unnecessarily increase the
> wear and tear on the hard drives.

First, I'm not looking for it to be used "periodically" or "routinely".
Second, if you actually believe this, then you have no idea how a hard
drive functions. That's like saying "the routine periodic reading of
data from hard drives unnecessarily increases the wear and tear on the
hard drives."

> And granting ordinary (or even power users)

I'm not looking to give "ordinary" users, or "power users", this
ability. You should stop trying to divine my intent as you are
consistently making incorrect assumptions.

> the ability to alter the very foundation on which the OS,
> applications, and data rests is very much granting the "keys to the
> kingdom."

No, it is granting *a* key to *one part* of the kingdom. A key that I
trust certain users to have. What is it about this that bothers you so
much?

Regards,

Dave

26-06-2008, 03:10 PM

Thanks for the constructive reply, Mark. I'll take a closer look at
your suggestions and ideas and see if they can get me where I want to
go.

Regards,

Dave

"Mark" <> wrote in message
news:...
> Command-line utilities can be run from standard user without prompts
> if the application is given a manifest assigning highestAvailable.
> Unfortunately, this may also not give the results you want...
> The higher privileged application will open in a separate "DOS" window
> and close without providing the user an opportunity to read any
> information presented. ChkDsk can be assigned in this method to run on
> the next boot where the information will be provided to the user, or
> the logfile that ChkDsk could be reviewed after running, but no
> protected area sectors can be repaired while run from a standard user.
>
> Again, this is probably not what you wanted.
> Easier would be to setup ChkDsk to run each boot by marking the disk
> as "dirty" during network initialization.
> Again, missing the concept. You want to provide the standard user the
> ability to run certain applications while running Windows.
>
> I don't think that exists. Nor did it exist in prior versions. (They
> were simply running as administrator and you restricted those
> functions you did not want to give to them.)
>
> "Dave R." <dwragle (at) drbsystems (dot) com> wrote in message
> news:.gbl...
>>
>> "Bruce Chambers" <bchambers@cable0ne.n3t> wrote in message
>> news:.gbl...
>>> Dave R. wrote:
>>>>
>>>>
>>>> That's what I was afraid of. Any idea why this would be restricted
>>>> to administrators only?
>>>>
>>>
>>> Because only administrators should have file system level access to
>>> the contents of the hard drive; it's not something regular users
>>> should ever have to do.
>>>
>>>
>>
>> The problem with that approach is that it lacks granularity in
>> privilige assignment. Just because a user can be trusted to do some
>> aspects of system administration does not necessarily mean they can
>> be trusted to perform all aspects of system administration. Yet, in
>> this case (and others I keep running across), I cannot separate the
>> ability to do a simple disk check from the ability to do ALL
>> administrative tasks.
>>
>> We are trying to put into place a concept of a "System Maintainer" -
>> someone who can handle many aspects of system maintenance, but
>> doesn't have the keys to the kingdom as it were. Unfortunately, we
>> are being thwarted by the security model built into Windows. If
>> anyone has any ideas on how to approach this in a Windows
>> (specifically, Vista) environment, I'm all ears.
>>
>> Regards,
>>
>> Dave
>>
>

26-06-2008, 03:10 PM	#11
Dave R. Guest Posts: n/a	Re: How to give non-admin user ability to chkdsk drive? "Bruce Chambers" <bchambers@cable0ne.n3t> wrote in message news:.gbl... > Dave R. wrote: >> >> >> We are trying to put into place a concept of a "System Maintainer" - >> someone who can handle many aspects of system maintenance, but >> doesn't have the keys to the kingdom as it were. > > > Part of the problem is that, for some reason, you're mistakenly > thinking of Chkdsk as some sort of routine maintenance tool. No, I'm not. I'm thinking that some aspects of system administration can be handled by some users who have some, but not all, of the rights/privileges of system administrators. > It isn't. It's designed to find and correct problems with the hard > drive (limited, to be sure) and the file system. I'm fully aware of chkdsk's purpose and usage, thanks. > It has no preventative value, at all. I'm not looking for "preventative value". > All it's routine periodic use would do is unnecessarily increase the > wear and tear on the hard drives. First, I'm not looking for it to be used "periodically" or "routinely". Second, if you actually believe this, then you have no idea how a hard drive functions. That's like saying "the routine periodic reading of data from hard drives unnecessarily increases the wear and tear on the hard drives." > And granting ordinary (or even power users) I'm not looking to give "ordinary" users, or "power users", this ability. You should stop trying to divine my intent as you are consistently making incorrect assumptions. > the ability to alter the very foundation on which the OS, > applications, and data rests is very much granting the "keys to the > kingdom." No, it is granting a key to one part of the kingdom. A key that I trust certain users to have. What is it about this that bothers you so much? Regards, Dave

26-06-2008, 03:10 PM	#12
Dave R. Guest Posts: n/a	Re: How to give non-admin user ability to chkdsk drive? Thanks for the constructive reply, Mark. I'll take a closer look at your suggestions and ideas and see if they can get me where I want to go. Regards, Dave "Mark" <> wrote in message news:... > Command-line utilities can be run from standard user without prompts > if the application is given a manifest assigning highestAvailable. > Unfortunately, this may also not give the results you want... > The higher privileged application will open in a separate "DOS" window > and close without providing the user an opportunity to read any > information presented. ChkDsk can be assigned in this method to run on > the next boot where the information will be provided to the user, or > the logfile that ChkDsk could be reviewed after running, but no > protected area sectors can be repaired while run from a standard user. > > Again, this is probably not what you wanted. > Easier would be to setup ChkDsk to run each boot by marking the disk > as "dirty" during network initialization. > Again, missing the concept. You want to provide the standard user the > ability to run certain applications while running Windows. > > I don't think that exists. Nor did it exist in prior versions. (They > were simply running as administrator and you restricted those > functions you did not want to give to them.) > > "Dave R." <dwragle (at) drbsystems (dot) com> wrote in message > news:.gbl... >> >> "Bruce Chambers" <bchambers@cable0ne.n3t> wrote in message >> news:.gbl... >>> Dave R. wrote: >>>> >>>> >>>> That's what I was afraid of. Any idea why this would be restricted >>>> to administrators only? >>>> >>> >>> Because only administrators should have file system level access to >>> the contents of the hard drive; it's not something regular users >>> should ever have to do. >>> >>> >> >> The problem with that approach is that it lacks granularity in >> privilige assignment. Just because a user can be trusted to do some >> aspects of system administration does not necessarily mean they can >> be trusted to perform all aspects of system administration. Yet, in >> this case (and others I keep running across), I cannot separate the >> ability to do a simple disk check from the ability to do ALL >> administrative tasks. >> >> We are trying to put into place a concept of a "System Maintainer" - >> someone who can handle many aspects of system maintenance, but >> doesn't have the keys to the kingdom as it were. Unfortunately, we >> are being thwarted by the security model built into Windows. If >> anyone has any ideas on how to approach this in a Windows >> (specifically, Vista) environment, I'm all ears. >> >> Regards, >> >> Dave >> >

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

New To Site?	Need Help?
Register to Participate Meet our Staff Refer Forum Rules Contact Us	Frequently Asked Questions Did you forget your password? Mark Forums Read

How to give non-admin user ability to chkdsk drive?

Windows Vista - Security