Can GPOs allow access to "CreateStreamOnHGlobal function (combaseapi.h)" for non local admin?

Schoeman, Daniel (FIS1) 1 Reputation point
2021-02-18T10:46:21.387+00:00

Can GPOs allow access to "CreateStreamOnHGlobal function (combaseapi.h)" for non local admin? We have an Application which requires local admin rights, just for streaming big files using the following function. "CreateStreamOnHGlobal function (combaseapi.h)" We don't want to allow local admin rights for a user, when the application just needs access to this function. Is there another way, like using GPOs?

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,047 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Fan Fan 15,321 Reputation points Microsoft Vendor
    2021-02-19T05:02:14.813+00:00

    Hi,
    Permission assignment can be done through OUs.

    You can use organizational units (OUs) to delegate the administration of objects, such as users or computers, within the OU to a designated individual or group. To delegate administration by using an OU, place the individual or group to which you are delegating administrative rights into a group, place the set of objects to be controlled into an OU, and then delegate administrative tasks for the OU to that group.

    But for the "CreateStreamOnHGlobal function (combaseapi.h)" , i didn't found any information about What specific permissions are required。

    Best Regards,

    0 comments No comments