Granting Administrator Rights
To grant Administrative rights to a user
- Log on to the user’s computer as an administrator.
- Click Start, and then click Run.
- In the Open box, type cmd, and then press Enter.
- Obtain the security identifier (SID) for the user. To obtain the SID, type whoami/groups at the command prompt, and then press Enter. This returns a list of groups to which the user belongs, along with the user’s SID. Write down the SID number; you will need it in step 5.
- If the computer is running Windows XP, type the following at the command prompt, and then press Enter:
httpcfg set urlacl /u http://+:1000/ /a D:(A;;GX;;;<SID>)
Where <SID> is the user’s security identifier. The command and response should be similar to the following example.
C:\Program Files\Support Tools> httpcfg set urlacl /u http://+:1000/ /a D:(A;;GX;;;s-1-5-21-3811445897-853718750-2640504884- 1107)HttpSetServiceConfiguration completed with 0. C:\Program Files\Support Tools>
- Microsoft Vista does not support the httpcfg command. On computers running Windows Vista, type the following at the command prompt, and then press Enter.
netsh http add urlacl url=http://+:1000/ user=<machineName>\<UserName>
Where <machineName> is the name of the computer that you are configuring and <UserName> is the name of the user or group that will use the machine.
CCF 2009 SP1 allows you to open multiple instances of ID. In this case, each instance will use a different port for its communications. To open multiple instances, you must register a port for each instance starting from 1000. For example, if you want to open five instances of the ID, you must register port 1000 through 1004. To register a port, run the command:
- For Windows Vista:
- netsh http add urlacl url=http://+:<port number>/ user=<machineName>\<UserName>
- For Windows XP:
- httpcfg set urlacl /u http://+:<portnumber>/ /a D:(A;;GX;;;<SID>)
For more information about configuring administrator privileges, see the MSDN article Limited User Problems and Split Knowledge, available at http://msdn.microsoft.com/en-us/magazine/cc163531.aspx.
The netsh command uses the Security Descriptor Definition Language (SSDL) to implement the changes. For more information about using SDDL, see the MSDN article SDDL for Device Objects, available at http://msdn.microsoft.com/en-us/library/ms794693.aspx.