Delen via


Non-Admin, Live!

Tech*Ed 2005 in Orlando, FL (USA) will include significant coverage of "non-admin" topics:

  • SEC350 - "Tips and Tricks to Running Windows with Least Privilege" , which I'm presenting, and
  • SEC351 - "Developing with Least Privilege" , presented by G. Andrew Duthie.

In addition, Robert Hurlbut will be leading a Birds of a Feather session, BOF034, "Developing Software as a Non-Administrator" , and Keith Brown's BoF session, BOF033, "Writing Partially Trusted Code" also represents a "least privilege" topic. [2005-05-19: added the following] Also, for a look at the future, don't miss DSK210, "Longhorn Client Security Advancements" .

Are customers interested in these issues? Well, the Tech*Ed organizers surveyed registered attendees to determine which sessions would be the most popular. So which session topped the survey? Tips and Tricks to Running Windows with Least Privilege! The Security track organizers are also really stoked that the top six sessions in the survey are all Security track sessions.

My session is also one of twelve to be simulcast on the Internet via LiveMeeting. I'm on Wednesday, June 8, 2005, 8:30am - 9:45am Eastern Time (US). You can register for it here and view the full list of other simulcasts here. You'll need to have installed the Microsoft LiveMeeting 2005 console - you can download the standalone installer here. (You need admin privileges to install the console, but not to use it!)

I'm also presenting "Tips and Tricks to Running Windows with Least Privilege" at Tech*Ed Europe in Amsterdam, July 5-8. I'll try to post more details when I get them.

Comments

  • Anonymous
    May 19, 2005
    I will be there, this is one i have been looking forward too.

    Today we run as "Power User" as "User" had way too many issues.

    One of the big problems we have had is around ActiveX and I would love to know how the Longhorn Team plans to solve this problem since no one wants to elevate IE and these are started in process to it...

    thoughts?

    The only thing i have thought of is pushing them in SMS this not realistic for a corporation over 60,000 strong and dev's rev these all the time without any notice to us...
  • Anonymous
    May 22, 2005
    The comment has been removed
  • Anonymous
    May 27, 2005
    After reading the non-Admin blog for awhile & slowly weaning myself off of all that power, i have become a bit of an evangelist! You will love the thread below on the:

    http://www.microsoft.com/windowsxp/expertzone/newsgroups/reader.mspx?dg=microsoft.public.windows.tabletpc&tid=4617ebc6-a74f-454b-a363-b75bb16bce25&cat=&lang=en&cr=US&sloc=en-us&p=1

    "How do I install programs so users with Limited status "

    The answers that an otherwise astute MVP gave were enough to make you cry! Others corrected his misguided statements & chimed in for the non-admin live. The statements in this thread just about cover all the "issues" that people bring up when non-admin running is proposed.
  • Anonymous
    June 03, 2005
    The comment has been removed
  • Anonymous
    June 07, 2005
    The comment has been removed
  • Anonymous
    June 07, 2005
    Opps - I seem to have left off the final 'l' in 'html' in the link above to my blog post on lua-development.
  • Anonymous
    June 08, 2005
    Sarbanes-Oxley and FISMA have driven customer's interest in least privilege on the desktop. Good session. Do you have any pointers for easier management of per-user file associations? The explorer > tools > folder options > file types UI has LUA bugs. Sure, I can create/change the HKCUSoftwareClasses keys in the registry directly, but I would prefer a UI.
  • Anonymous
    June 17, 2005
    Any way I can get your PowerPoint from TechEd? I am required to do a presentation at my company about my TechEd experience and I was hoping to review your presentation and use some of your slides. They really want me to do it before I receive my DVDs. Thanks. (gchurchwell@cfi-us.com)
  • Anonymous
    June 17, 2005
    gchurchwell, I tried to send it to you, but your server's spam filters blocked it. You can watch the presentation again here:
    http://msevents.microsoft.com/cui/eventdetail.aspx?eventID=1032274954&Culture=en-US
  • Anonymous
    June 17, 2005
    Actually, I got it! Thanks. Now, do you know if I could get any of the other speaker's slide shows too? I have the list of sessions I went to, but I don't recall who the instructors were. Anyway, thanks for your help Aaron. I really enjoyed your presentation at the conference!
  • Anonymous
    June 17, 2005
    I'm finding what I need Aaron.
  • Anonymous
    June 29, 2005
    Ryan Naraine has written a nice article for eWeek about non-admin security in XP. He notes that Microsoft...
  • Anonymous
    June 29, 2005
    Aaron,
    I know that you going to be at TechEd EMEA in Amsterdam next week. How about we meet there and chat? We could discuss some non-admin/security stuff and I can also tell/show you new version of RunAsAdmin. Anyway, if you feel like chatting with me in Amsterdam – ping me at valery@harper.no (or at TechEd you use valery@mseventseurope.com e-mail or just find me at Ask the Experts on security stand).
    Regards,
    -Valery.
  • Anonymous
    July 23, 2005
    Hi Aaron,

    you presentation was great.
    Thanks for your great work on makemeadmin and privbar!

    You made me a LUA Evangelist.. I´m a active member of a MS CLIP Board in germany where I post about your site and tools...

    https://www.mcseboard.de/showthread.php?t=66853

    If anyone is interested on link-sharing I use Furl.net as my linkdatabase on storing all I found about furl now and in the future in it:

    www.furl.net/members/kohn/lua

    Best Regards and keep at it Aaron! :-)

  • Anonymous
    August 28, 2005
    The comment has been removed
  • Anonymous
    June 18, 2007
    Ryan Naraine has written a nice article for eWeek about non-admin security in XP . He notes that Microsoft