I have the TSplus Demo to verify if TSplus will be the software we will use in future.
I want my users only to be able to execute a specific program. I did only assign this program to the usergroup. If I log in over the webinterface one of those users the program starts and nothing else is available.
But in our scenario the users will not log in over the web interface. An URL will be used with username, password and program as parameters given by the URL.
Code: Select all
<a href="https://myserver.com/software/html5.html?user=USER&pwd=PASSWORD&program=C:\\\\Path\\\\to\\\\program.exe&startupdir=c:\\\\Path\\\to¶ms=" target="_blank">Start program</a>Code: Select all
<a href="https://myserver.com/software/html5.html?user=USER&pwd=PASSWORD&program=C:\\\\Windows\\\\SysWOW64\\\\cmd.exe&startupdir=c:\\\\windows\\\\syswow64¶ms=" target="_blank">Start program</a>runas /user:administrator regedit
Ofcourse you need to know the users password. But anyway this seems to be a lack of security since the user can start every program installed on the machine and not only those which were assigned to the user or usergroup via TSplus Admin Panel.
Is there anybody who knows how to solve this with TSplus configuration? I do not want to have to additionally configure program/user/usergroup rights directly in Windows when I already did set it in TSplus Admin panel.
Thanks and BR,
Filz