- Keeping a US phone number
- Online setup tool for register settings
- Arduino baud rate 8 times too high?
- How do I connect an accelerometer (GY-521) to a SparkFun Thing Dev (ESP8266)?
- What technology is best to simulate a static 2d/3d lattice structure?
- Designing stripboards (prototype boards)
- In an articulated hub rotor craft, what could cause the blade to flap negatively?
- What does it mean to fly a procedure turn?
- Why is a plane escorted while in technical difficulties?
- Fan dipole radiation pattern
- Streamlining Aquarium for Frequent Travel
- How much purring is too much purring?
- Headphones stopped working, need better alternative
- Is there a flight simulator or 3d chart showing the gravity well of the Earth and Moon?
- Is it possible to navigate space travel with no computer?
- UV coordinates are locked from -10 to 10?
- How to make blue hot metal
- Dope Sheet copy/paste buffer keyframes problem
- How to make a realistic snow material in Cycles?
- Bezier curve between faces of different meshes
Least privilege user - IoT Device user needs to perform task requiring Windows admin privilege
Our IoT device runs only our application and the device users can not launch additional apps. The IoT device users and IoT device admins both run under normal (non-admin) accounts with identical privileges.
Device admin users can launch the admin panel and device users can not. My current thought is to have a service running that users with access to the admin panel can call into and the service will perform the admin task on their behalf.
Is there a better way to acomplish this?
This is a Windows device being set up for single-purpose usage.
The device is interactive, with users that have different roles (same permissions).
normal users can use the device. Device Admins can use the device and acess the admin panel where they can further restrict the firewall settings, add new users, disable USB ports (if desired).
The users log into their accounts on the device using different Windows accounts, rather than application-specific accounts