Is it possible to set up ADFS without domain admin rights in Windows 2012 R2?

Similar Messages

• Need to provide local administrator access without domain administrator rights

  Hi All,
  I need to provide local admin access to one account in windows environment without providing domain administrator rights.
  Windows 2008 DC. Desktops : windows 7
  So that we can use this account to install agents like SCCM\SCOM in all servers & desktops.
  Need suggestions.

  Hi,
  I agree with Senne, in addition, we can also use net command to perform local group management.
  More information for you:
  Add a member to a local group
  http://technet.microsoft.com/en-us/library/cc772524.aspx
  How to Make a Domain User the Local Administrator for all PCs
  http://social.technet.microsoft.com/wiki/contents/articles/7833.how-to-make-a-domain-user-the-local-administrator-for-all-pcs.aspx
  Best Regards,
  Amy
  Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• Help with setting up DSN without CF Admin

  Is it possible to set up a DSN without access to the CF Administration panel? Can I write this into a .cfc or is there some code I can run in a .cfm that will achieve this for me? I'm having trouble getting my host to set up the DSN I'm using and would like to know if there is any other way to achieve this.
  I have all my DSN parameters (I{ address, username, Passw, etc...), and it's working just fine on my local version of the site but I set it up through Administration.
  Thanks in advance.

  Nothing that doesn't requre support from your ISP.
  There is an administrator API that you can progamatically add DSN and other Administrator settings.  But this API would need to be opened to you by your ISP and they maybe unwilling to do so.  But it never hurts to ask.

• Is there any way to install a plugin without admin rights on windows 7

  Hi all,
  I've developed a plugin for adobe indesign cs5. I was able to install my plugin(by creating .msi file) into indesign plugins folder, when extension manager is opened as administrator.
  I just want to know, if I can install the plugin without admin rights.
  FYI: My plugin will add a link to File menu on menubar of the indesign application, clicking which will execute the scripts.
  Please let me know if you want any other information.
  Thanks for any ideas/support.
  Regards,
  Srikanth

  InDesign will load plugins from the path specified in the PlugInConfig.txt file in the user's InDesign preferences directory, which does not require administrative privileges. See "Using PlugInConfig.txt" on pp.12- of the "Getting Started with the Adobe InDesign CS5 Products SDK" (getting-started.pdf) in the SDK. Specifically:
  Using PlugInConfig.txt
  1. If InDesign is running, exit it.
  2. Create a text file named “PlugInConfig.txt” in the InDesign preference directory, and enter
  the following text into it:
  =Path
  NOTE: The inDesign preference folder is located in the following directory (where <locale> is a
  locale-specific subdirectory; for example, en_US for English):
  Windows XP: C:\Documents and Settings\<user>\Application Data\
  Adobe\InDesign\Version #.#\<locale>
  Windows Vista: C:\Users\<user>\AppData\Roaming\
  Adobe\InDesign\Version #.#\<locale>
  Mac OS: <user-home>/Library/Preferences/
  Adobe InDesign/Version #.#/<locale>
  3. Open the PlugInConfig.txt file in a text editor and edit the sections as desired. For example,
  the following tells InDesign to load every plug-in in the sdk folder:
  =Path
  "C:\Adobe InDesign CS5 Products SDK\build\win\debug\sdk
  NOTE: The preceding example is only for Windows. On Mac OS, use ‘:’ as the path separator.
  NOTE: You also can use a “=Exclude” tag to exclude a certain plug-in from being loaded. This
  is useful if you do not want to load everything in the “=Path” folder.
  NOTE: This is target specific. You cannot launch the release version of InDeisgn with debug
  plug-ins. It is convenient to add both debug and release paths, commenting out the  target that is not in use. For single-line comments, use “;” (semicolon).
  4. Save the PlugInConfig.txt file.
  5. Restart InDesign.
  6. Verify the set of plug-ins loaded by selecting the About Plug-ins menu.

• Running Desktop software without local admin rights

  Is it possible to run Blackberry Desktop Software without the user having local admin rights? I have a number of users who have work BBs who need to use BDS, but I am in the process of correcting my predecessor's decision to give everyone local admin rights.

  Hello gheatley,
  Welcome to the Support Community!
  The BlackBerry® Desktop Software will need to be installed in a Windows® user account with local admin rights, but it can be used from within other user accounts with more limited permissions.
  Thanks.
  -FS
  Come follow your BlackBerry Technical Team on Twitter! @BlackBerryHelp
  Be sure to click Kudos! for those who have helped you.
  Click Solution? for posts that have solved your issue(s)!

• VS2010 Crystal 13 click-once deployment without user admin rights?

  The only supported way of deploying our runtimes is to use one of our prepackaged msi's.
  We do not have any documentation for manual deployment or anything that lists what specific dlls, registry settings, etc are needed to run specific configurations (ie web app vs windows apps).
  Jason

  As well as what Jason posted CR MUST have local PC Admin rights because we need to get past DEP/UAC etc. as well as be able to register the COM components, insert all of the registry keys required and the usual folder creation and file copying. Without it CR simply won't install properly and your app will never run. As noted in those other posts if you write a .NET app you have no choice but to use/set the native permissions and file distribution. If it's a WEB based app the you deploy it on each WEB server, users get a Viewer and Printer control through a browser download. But for Windows, it's a must.
  IT departments have the ability to push out Special permissions for users to install software, not a CR configuration so check with your IT group or Microsoft and search on Profiles. So the each users doesn't need to be granted Admin rights to use it but they need it to install, assuming when installed it's set for All users. Other option is a local network Admin install on each PC. Not the nice way of doing things though.
  Bottom line is because it's a Native .NET windows app you have no choice but to distribute all of CR's runtime and dependencies.
  Don

• Delay when starting accdb without local Admin rights.

  Hi,
  I have a problem with one application, the front end of the application is MS Access DB that's connects to our SQL Server over odbc driver If the user is in a local administrator group everything is working fast. When the same user is put in the user group
  without Administrative rights I recive a delay for about 60 sec then the error pops up
  After I hit ok a new SQL login pops up and I just press second time ok and the application starts without entering any user and pass. This is not happening if the user is in the built in Administrators Group.
  Thanks for the help
  fract

  Hi fract,
  as a Microsoft partner I have asked support for help.
  Here is their answer:
  Hi Partner,
  Thanks for your reply.
  Based on my research, the issue is identified as a compatibility issue that Access 2010 has with SQL Server 2008 R2. Access uses PERMISSIONS function to check the privileges. The PERMISSIONS function is deprecated in SQL Server 2008 R2. I haven’t found
  any workaround for this issue currently.
  You can check the more detail information at below link:
  PERMISSIONS (Transact-SQL)
  http://msdn.microsoft.com/en-us/library/ms186915(v=sql.105).aspx
  I think you need to access SQL Server 2008R2 with local admin right.
  If you have any further questions, please let me know.
  Best Regards,

• GroupWise 6.5.7 distribution without local admin rights

  I would like to distribute the GroupWise 6.5.6up1 (6.5.7) client
  installation (from 6.5.1).
  Im using the setup.cfg and setup.ini to have an unattended installation.
  It is working great with local admin rights.
  Now I would like to distribute this version with ZENworks. Im using the
  workstation object (association) so the distribution will take place when
  the workstation starts up.
  But (as far as I can see) the registration of DLLs will not take place.
  What kind of alternatives are there to distribute GroupWise without local
  administrator rights?
  Thanks.
  Armand.

  Thanks for the reply.
  The .aot files give problems, dll files are missing (the known
  vslwp7.dll) and I found a lot of bad experiences on the forums with the
  viewer etc.
  Armand.
  > I've been using the AOTs included with the GW Client (Zen directory). =
  > They import into Zenworks easily and have worked well for me the last 2 =
  > upgrades.
  >
  > >>> <[email protected]> 10/11/2006 1:34:27 AM >>>
  >
  > I would like to distribute the GroupWise 6.5.6up1 (6.5.7) client
  > installation (from 6.5.1).
  > I=92m using the setup.cfg and setup.ini to have an unattended installation.=
  >
  > It is working great with local admin rights.
  >
  > Now I would like to distribute this version with ZENworks. I=92m using the
  > workstation object (association) so the distribution will take place when
  > the workstation starts up.
  > But (as far as I can see) the registration of DLL=92s will not take place.
  >
  > What kind of alternatives are there to distribute GroupWise without local
  > administrator rights?
  >
  > Thanks.
  > Armand.
  >
  >

• Access to all servers (except DC´s) without Domain Admins privilegies

  Hi,
  We would like to allow some functional accounts (ITS Accounts)can access to all company´s servers but without be domain admin and neither add them manually on local admin group in each server.
  Could we do this using Group Policy management? or Active Directory delegation? (our AD is 2012).
  Could anyone help me please?
  Thanks and regards
  Manuel Osorio

  Hi Manuel,
  >We would like to allow some functional accounts (ITS Accounts) can access to all company´s servers but without be domain admin and neither add them manually on local admin group in each server.
  It depends on which kind of access you intend to achieve. If you just want these accounts to be able to log onto these servers, you can assign
  log on locally or log on through terminal services user rights through group policy.
  In addition, you may find some built-in groups like Backup Operators, Network Configuration Operators or Performance Log Users useful.
  More information for you:
  User Rights
  http://technet.microsoft.com/en-us/library/dd349804(v=WS.10).aspx
  Default local groups
  http://technet.microsoft.com/en-us/library/cc771990.aspx
  Best Regards,
  Amy

• Stuck on how to improve very slow query without any admin rights

  Hello All,
  I am using the code below to query a very large data table (RH) and a few other joined tables. I am trying to improve the query but I do not have any admin rights and have no idea how to get diagnostic info on how the query is being executed. Apologies for the system specific and probably not easy to read code but I do not have a generic version that anyone could run, and no admin rights so I can not create tables.
  The main part of the code below (subquery R) takes about 10 minutes to run (3 minutes without the date parameters) and the full code (with the two analytic functions on top) below takes an eye watering 30 minutes to run and this is only a subquery of a much larger query so I really need to get this running more quickly. All I want to do is place a cap on the dates, get partitioned row numbers and a lead row value on one of the fields. I really am stuck on how to get this query more efficient. Am I counting things multiple times unnecessarily? How can I make this quicker? Am I committing some cardinal programming sin in using analytic functions on subqueries?
  Apologies for the vaugueness of this code and my questions but I am totally clueless about diagnostics and basically have very limited system access so I'm stuck as to where to go or to look.
  Very grateful for any advice,
  Jon
  SELECT R.*
  , ROW_NUMBER( ) OVER( PARTITION BY R.RTBLE_ID ORDER BY R.EFF_DT DESC, R.CHG_DT DESC ) RN
  , LEAD(R.RTNG_CD,1,0) OVER( PARTITION BY R.RTBLE_ID ORDER BY R.EFF_DT DESC, R.CHG_DT DESC ) RTNG_CD_PREV
  FROM ( SELECT RH.RTNG_ID
  , RH.RTBLE_ID
  , RA.RTNG_ACTN_DESC
  , TYP.RTNG_TYP_DESC
  , RH.RTNG_CD_ID
  , RC.RTNG_CD
  , RH.EFF_DT
  , RH.CHG_DT
  , RAL.RTNG_ALRT_TYP_ID
  , RAL.EFF_DT ALRT_EFF_DT
  , RAL.CHG_DT ALRT_CHG_DT
  , RH.PRV_FLG
  FROM FTCH_RTNG.RTNG_HIST RH
  , FTCH_RTNG.RTNG_ALRT_HIST RAL
  , FII_CORE.RTNG_ACTN RA
  , FTCH_RTNG.RTNG_TYP TYP
  , FII_CORE.RTNG_CD RC
  WHERE RH.RTNG_ACTN_ID = RA.RTNG_ACTN_ID
  AND RH.RTNG_TYP_ID = TYP.RTNG_TYP_ID
  AND RH.RTNG_TYP_ID = RC.RTNG_TYP_ID
  AND RH.RTNG_CD_ID = RC.RTNG_CD_ID
  AND RH.RTNG_ID = RAL.RTNG_ID (+)
  AND RH.DELETE_FLG = 'N'
  AND RH.EFF_DT < TRUNC(CURRENT_DATE,'MM')
  AND RAL.EFF_DT < TRUNC(CURRENT_DATE,'MM')
  )R
  -----

  Thanks so much for replying blueforg, and for pointing out the code markup.
  Our server is in the US and we run our code from London, so it is the local time I am interested in, CURRENT_DATE is merely there to get that and as you suggest is not a column. I want my cap to the first of whatever month I run the code on so I'm happy with that bit of the code (so 1 Oct if I run it today). I'm just surprised at how slow my code becomes when I try and restrict the dates and get the row numbers and next row values.
  This code is actually a subquery used in a much bigger query that I am trying to tidy up and make more efficient. The RN is important as I will eventually be filtering for RN = 1. I didn't post the full query as it is huge,badly written (by me) and and particular to our databases so I'm tackling bits one at a time to cut down on confusion. I'll repost with the RN=1 and the code markup ;)
  I also restricting the RH table directly (SELECT * FROM FTCH_RTNG.RTNG_HIST RH WHERE RH.EFF_DT < TRUNC(CURRENT_DATE,'MM')) and moving the analytic functions into the R subquery but that is very slow as well. I heard that temporary tables are efficient? I'm assuming that with my rubbish priveleges I will not be able to do that. I don't want to take any chances of messing anything up either!
  Jon
  SELECT RT.* FROM
    ( SELECT  R.*
            , ROW_NUMBER( ) OVER( PARTITION BY R.RTBLE_ID ORDER BY R.EFF_DT DESC, R.CHG_DT DESC ) RN    
            , LEAD(R.RTNG_CD,1,0) OVER( PARTITION BY R.RTBLE_ID ORDER BY R.EFF_DT DESC, R.CHG_DT DESC ) RTNG_CD_PREV
      FROM  ( SELECT  RH.RTNG_ID    
                    , RH.RTBLE_ID    
                    , RA.RTNG_ACTN_DESC    
                    , TYP.RTNG_TYP_DESC    
                    , RH.RTNG_CD_ID    
                    , RC.RTNG_CD    
                    , RH.EFF_DT  
                    , RH.CHG_DT 
                    , RAL.RTNG_ALRT_TYP_ID    
                    , RAL.EFF_DT ALRT_EFF_DT    
                    , RAL.CHG_DT ALRT_CHG_DT
                    , RH.PRV_FLG    
              FROM    FTCH_RTNG.RTNG_HIST RH
                    , FTCH_RTNG.RTNG_ALRT_HIST RAL
                    , FII_CORE.RTNG_ACTN RA    
                    , FTCH_RTNG.RTNG_TYP TYP    
                    , FII_CORE.RTNG_CD RC    
              WHERE RH.RTNG_ACTN_ID = RA.RTNG_ACTN_ID    
              AND RH.RTNG_TYP_ID = TYP.RTNG_TYP_ID    
              AND RH.RTNG_TYP_ID = RC.RTNG_TYP_ID    
              AND RH.RTNG_CD_ID = RC.RTNG_CD_ID    
              AND RH.RTNG_ID = RAL.RTNG_ID (+)    
              AND RH.DELETE_FLG = 'N'
              AND RH.EFF_DT < TRUNC(CURRENT_DATE,'MM')
              AND RAL.EFF_DT < TRUNC(CURRENT_DATE,'MM')
                                                        )R  )RT
  WHERE RT.RN = 1-----

• How to update creative cloud without admin rights / workaround / windows 7

  one of my co-workers is running creative cloud on a PC / windows 7.  we're using typekit fonts in our AI files. 
  seems creative cloud wants to update pretty often, like every week.
  THE ISSUE(S)
  the user can't update it themselves without getting IT to login as admin to the PC.
  we can't access the typekit fonts without the creative cloud app running.
  we can't run the creative cloud app until we run the update (the updates are forced)
  it's a major hold-up for us, as the team can't work on a file properly as the fonts are missing w/out CC running.  and we can't update CC without IT.  and we can't run CC without updating. 
  is there any workaround for this?  can the CC updates be "turned off" or sceduled once a month or something like that?
  thanks!!

  This is an excellent point – all other updates in Creative Cloud are unforced and up to the customer as to when they are installed...  The Creative Cloud Desktop app should be as well.
  Hope Adobe can change this.
  Note: Here is the update history, on average about once per month –
  http://helpx.adobe.com/creative-cloud/release-note/cc-release-notes.html

• Can't login in to OS X 10.6.7 without domain admin account

  Have just bought a mac mini to test in a Windows server environment.
  I successfully bound to the Acitve Directory server and was able to login as my default user account;
  I moved on and did a software update which moved me from 10.6.4 to 10.6.7 and since this I have not been able to logon using that or any normal user accounts.
  I can successfully login as the administrator (default account created during install) and surprisingly can login as any  Domain Administrator account, something I don't want to be doing. I tested with other normal users with the same issue and can sucessfully install with any Domain Administrator account.
  I have seen a few things that are similar but none of the fixes seem to work...
  This doesn't bode well for Macs in the workplease :S

  I would recommend preparing your system first and then update by following these instructions:
  1. Backup first using Time Machine!
  2. Disconnect all peripherals except the keyboard and mouse.
  4. Download the Combo Update from Apple Downloads.
  5. Boot computer in Safe Mode. Note: Safe Boot loads a stripped down system which may reduce any chance of incompatibility while the update is running. Keep all Applications closed.
  6. Repair Permissions from Disk Utility while booted in Safe Mode.
  7. Install the update from Safe Mode.
  8. Restart as you normally would if prompted.

• Install xcode without admin rights

  Hi!
  I have a work MacBook Pro which my team purchased however our IT department insisted on putting admin rights on it. I have managed to download xcode from the app store however because xcode wants to make changes it requires admin rights. Now, one of the main reasons I have been purchased the MacBook is because I need to work from home for personal reasons. The only thing IT department have suggested to me is for me to travel to work for them just to put a password in.
  Is there a way where I can install xcode without these admin rights? I first hit these admin rights when I need to agree to a license agreement.
  Any help would be much appreiciated!

  Bad news I am afraid.
  Apple properly implement UAC (User Access Control) whereby whenever something tries to install itself it does ask for an admin level authentication. Microsoft's effort in this area ***** big time even if in other areas they may be better than Apple.
  Therefore as things stand you need it to be authenticated by an admin level password.
  Now looking forwards there are two possible approaches which would make both your IT department happy and let you work.
  If your IT department sets up a system whereby they can remotely control your computer they can remotely authorise the installation. This is an absolute pig to do with Windows machines as in Windows normally the authorisation dialog kills the remote control session but thankfully it is easy with Macs. This may require having a VPN connection to the office but some remote control systems do not need this e.g. LogMeIn
  or they could set up a 'self-service' software install system like Munki. There would be a server with the installers on it including the XCode installer and your Mac would be configured to talk to this, you Mac would have the Munki Managed Software client on it and this client would manage installing the applications and would also manage the authorisation for you meaning you would not need to enter a password
  Even once you have XCode installed it is my experience that using it to develop software usually requires admin access anyway, the development company I worked at in support therefore conceded the inevitable and gave all the devs admin level accounts with the understanding that if they broke things they had to fix it themselves.

• Enable Flash Player in Mozilla Fire Fox without Admin Rights

  Hi,
  I am from australia i have a question how do i enable flash player in my system without admin rights. at present there is no access to install software to my system. please help thanks in advance
  Regards
  John Burns

  Hi John,
  Admin rights are required for installing Flash Player because it installs to a system-wide location which requires elevated permissions to write to.  Due to this, there is no way to install Flash Player without having Admin rights.   Since it writes to a system-wide location, any user on the machine with Admin rights can install Flash Player.
  Maria

• Not possible to scroll the menu without lagging - Set Up a Repair service is not working

  Hi,
  It is not possible to scroll the menu without lagging.
  The latest version has been restored but nothing.
  I think the touch screen is having some problems.
  I wanted to use the Set Up a Repair / Send In for service but it seems that the application form doesn't working.
  As soon as push the Continue button, nothing happens.
  Is there anybody from Apple who can check this issue please?
  Thank You.
  Anmary

  Restoring a phone from a backup will put the device back to the state it was when the backup took place, i.e. all info that you had on that phone before using the backup will be gone.
  You could try to restore the phone, which will back up the actual data on the phone, including the passcode, and use this backup to set up a new phone with. The passcode will still be the same, because it is  part of the backup.
  More info here, iPhone and iPod touch: Wrong passcode results in red disabled screen
  Not being able to fill in the passcode is not much different from forgetting it.
  If you cannot remember the passcode, you will need to restore your device using the computer with which you last synced it. This allows you to reset your passcode and resync the data from the device (or restore from a backup). If you restore on a different computer that was never synced with the device, you will be able to unlock the device for use and remove the passcode, but your data will not be present. Refer to Updating and restoring iPhone, iPad and iPod touch software.
  Also have a look at this one: iTunes: About iOS backups