cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
trevora
Engaged Sweeper II

Just bought and installed Lansweeper and playing around with it and would like to clarify the security aspects of it.

We have 3 domain admins and an apprentice and would like all 4 to have access to the system, but would like to prevent the apprentice from accessing certain features (i.e. shutdown\reboot computers, amend user password settings etc). Please could you advise if it is possible to lock down certain features or is it a case of once you get to the webpage you're in?

More concerning is the fact that the default install onto IIS leaves the webpage accessible to anyone. I've edited our web.config to lock it down, but this is mentioned in a KB article rather than in any installation instructions, which i would have thought is a fairly important point. Surely if left to its default install then anyone could access the system and, once it had done a scan, start shutting down whatever they feel like (including servers).

Or have i missed something fundamental?

2 REPLIES 2
trevora
Engaged Sweeper II
Excellent I have missed something then!

Thanks for the prompt response.
Hemoco
Lansweeper Alumni
All actions run in the context of the user logged on (the user starting the webconsole)
Non-administrators can't run the actions that need administrative privileges.