I do some stuff that encapsulate calls to various systems
(os api, erp queries, databases access) and if the results
are no secret some passwords used internally are. How to
solve the issue?
example: one program to create a Windows AD user
and use internally higher credentials…(runas…)
You may ask how is it protected now?
Certainly not perfectly but it is in the compiled versions
and kids under 3 will not set a breakpoint.
If you create a windows user based on datas stored in a
flat file and do all the checking to have it done
consistently. You can give the program to a
non administrator of the network. But you will not give
the administrator password so that any task be done
by anyone.
I do some stuff that encapsulate calls to various systems
(os api, erp queries, databases access) and if the results
are no secret some passwords used internally are. How to
solve the issue?
Have the user of the program enter a password, rather than include the
password in the program itself.
I reply in this way because it is an obvious solution, but you haven’t
explained your situation very clearly.
If you create a windows user based on datas stored in a
flat file and do all the checking to have it done
consistently. You can give the program to a
non administrator of the network. But you will not give
the administrator password so that any task be done
by anyone.
It is difficult to understand the goal as you have explained it. As I
understand it, you want to grant administrative rights to
non-administrative users, but you don’t want them to have administrative
authority.
You really cannot grant administrative access without going through the
access procedure, which includes a password. The password is either in
the
script, or it is known to the user so he can type it in. Neither of
these
options seems particularly attractive.