Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-16-2009 05:53 PM
When I run my Supercrypt commands ("\\server\utilities\supercrypt.exe" "\\server\executables\program.lsc"), I get a prompt from Windows:
------------------
Open File - Security Warning
The publisher could not be verified. [etc.]
Name: supercrypt.exe
Publisher: Unknown Publisher
------------------
The user can run the file, but unchecking the "Always ask before opening this file" does not prevent the message in the future.
I understand this is a Windows behavior, not necessarily a problem with Supercrypt (unless Lansweeper could digitally sign Supercrypt with a certificate from a well-known CA?), but I'm hoping somebody has an idea for me. I want to use Supercrypt to elevate user permissions when running programs that require admin rights, but I certainly don't want them to see this dialog box every time; I don't want the user to even know they're using a workaround.
So far, I've tried putting the supercrypt.exe file on the C drive, and (instead) adding the \\server to the list of Intranet zone in IE. My understanding is that by default, those locations are not supposed to prompt the user when running unsafe/unsigned executables. I also tried adding it to the Trusted Sites zone. The behavior was the same in all cases.
------------------
Open File - Security Warning
The publisher could not be verified. [etc.]
Name: supercrypt.exe
Publisher: Unknown Publisher
------------------
The user can run the file, but unchecking the "Always ask before opening this file" does not prevent the message in the future.
I understand this is a Windows behavior, not necessarily a problem with Supercrypt (unless Lansweeper could digitally sign Supercrypt with a certificate from a well-known CA?), but I'm hoping somebody has an idea for me. I want to use Supercrypt to elevate user permissions when running programs that require admin rights, but I certainly don't want them to see this dialog box every time; I don't want the user to even know they're using a workaround.
So far, I've tried putting the supercrypt.exe file on the C drive, and (instead) adding the \\server to the list of Intranet zone in IE. My understanding is that by default, those locations are not supposed to prompt the user when running unsafe/unsigned executables. I also tried adding it to the Trusted Sites zone. The behavior was the same in all cases.
Labels:
- Labels:
-
Archive
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-11-2009 05:48 PM
It would be great to have an option in a future version, so that users could make the decision per program.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-11-2009 12:07 AM
Another Supercrypt / Supercrypter question:
Runas tools always come with some known drawbacks. For example, I know that if I have Bob use Supercrypt to run Quickbooks, the admin account I'm using for the Supercrypt file may not have access to his personal network files. This problem is avoidable in some situations, and unavoidable in others.
However, other drawbacks seem to relate to profile issues. For instance, I recently had users run an application using a Supercrypt shortcut, which used an account with local administrative rights on their computers. Several users got an error about their default printer (this particular app seems to check for a default printer when it starts). I assume that has something to do with the fact that the "user" whose credentials I encrypted had his local profile loaded in the background, which had a missing or invalid default printer assignment.
The product I'm replacing with Supercrypter gave an option to not load the profile of the encrypted user. Does Sypercrypter have a similar option or workaround?
Runas tools always come with some known drawbacks. For example, I know that if I have Bob use Supercrypt to run Quickbooks, the admin account I'm using for the Supercrypt file may not have access to his personal network files. This problem is avoidable in some situations, and unavoidable in others.
However, other drawbacks seem to relate to profile issues. For instance, I recently had users run an application using a Supercrypt shortcut, which used an account with local administrative rights on their computers. Several users got an error about their default printer (this particular app seems to check for a default printer when it starts). I assume that has something to do with the fact that the "user" whose credentials I encrypted had his local profile loaded in the background, which had a missing or invalid default printer assignment.
The product I'm replacing with Supercrypter gave an option to not load the profile of the encrypted user. Does Sypercrypter have a similar option or workaround?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-11-2009 12:12 AM
bnick22 wrote:
The product I'm replacing with Supercrypter gave an option to not load the profile of the encrypted user. Does Sypercrypter have a similar option or workaround?
No, because we found out by previous users that not loading the profile made a lot of programs not work (that's why we changed it)
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-16-2009 10:15 PM
You could try right clicking on the executable and choose "unblock"
It could also be that you have to add the path (\\server\utilities) to your trusted zones
It could also be that you have to add the path (\\server\utilities) to your trusted zones
