Updated The problem with corporate Windows Enterprise installations, are that they are locked down and paranoid. Running "random" installers is not possible.
Updated The problem with corporate Windows Enterprise installations, are that they are locked down and paranoid. Running "random" installers is not possible.
To get around this limitation for power users, LAPS is a method used when your regular domain account doesn't have local admin rights, and you instead elevate to local admin using a second local account, with a password provided from AD.
To exemplify:
My normal domain users: Lars (Does not have Local Administrator rights)
The local admin user: AdminLars (Has Local Administrator rights)
The problem seems to be that when you use LAPS and AdminLars, the user context is not my regular domain user Lars - but the special local admin account AdminLars - so any registry settings installed, ends up in the wrong HKEY_CURRENT_USER.
This means that when I start Delphi as Lars - any components installed as AdminLars are not visible.
Recreating registry entries is a possibility - but - complex - since I don't know what keys any specific set of components install.
Any suggestions of how to work around this?
-- original post:
Does any of you have experience with installing components for RAD Studio (10.1 upd.2) under Windows 10, using MS LAPS?
It seems that TMS and EurekaLog installs doesn't appear to be visible to the Delphi installation (also installed using LAPS).
I need a workaround.
https://technet.microsoft.com/en-us/mt227395.aspx
https://technet.microsoft.com/en-us/mt227395.aspx
To get around this limitation for power users, LAPS is a method used when your regular domain account doesn't have local admin rights, and you instead elevate to local admin using a second local account, with a password provided from AD.
To exemplify:
My normal domain users: Lars (Does not have Local Administrator rights)
The local admin user: AdminLars (Has Local Administrator rights)
The problem seems to be that when you use LAPS and AdminLars, the user context is not my regular domain user Lars - but the special local admin account AdminLars - so any registry settings installed, ends up in the wrong HKEY_CURRENT_USER.
This means that when I start Delphi as Lars - any components installed as AdminLars are not visible.
Recreating registry entries is a possibility - but - complex - since I don't know what keys any specific set of components install.
Any suggestions of how to work around this?
-- original post:
Does any of you have experience with installing components for RAD Studio (10.1 upd.2) under Windows 10, using MS LAPS?
It seems that TMS and EurekaLog installs doesn't appear to be visible to the Delphi installation (also installed using LAPS).
I need a workaround.
https://technet.microsoft.com/en-us/mt227395.aspx
https://technet.microsoft.com/en-us/mt227395.aspx
Running BDS as admin helps finding the components - but always running the development tool as admin is not really ideal.
ReplyDeleteWhile you are logged in as AdminLars, can't you just add Lars to the local admins group? Ok, that counterfeits the purpose, but seems like a pragmatic approach - if it works.
ReplyDeleteWork to rule?
ReplyDelete/sub
ReplyDeleteUwe Raabe I actually did exactly that. It will work for a while, until the magic AD policy policing process cleans it out. It is enough time to get my components installed, at least - which was the most urgent problem.
ReplyDeleteA rather pointed email has caused some internal IT department activity about creating a general developer user profile to resolve such issues. Awaiting answer on Friday.
Lars Fosdal I once wrote a service that automagically adds certain users or groups to the local admin group.
ReplyDeleteIf you want it, remind me end of January to hunt it down as I'm on holiday right now.
Jeroen Wiert Pluimers It's probably just as easy to do it in a powershell script, since it can access the LAPS pwd directly.
ReplyDelete