12: Least Privilege Manager: Self elevate

Enable your advanced developers and users the ability to self elevate applications, instead of having rules which always apply.

Least Privilege Manager: Self elevate

Hi. This is Jeremy Moskowitz. In this video, I’m going to show you how you can use PolicyPak Least Privilege Manager to enable advanced users to apply a rule on demand.

Here’s the lash-up. Let’s say you have an application like “Process Monitor” or some other application that throws a UAC prompt. You could have a rule that will make this work all the time, that will elevate Process Monitor. You’ve probably seen me do that in other videos. But in this particular video, what I’m going to show you how to do is to create a rule that the user can elevate when they want to, not all the time.

I’ll call this “PPLPM Self Elevate rule.” If you already have an existing rule, you can just update this rule. But I’m just going to start this one from scratch and show you how this works. I’ll go to user side or computer side, “PolicyPak/Least Privilege Manager,” and I’m going to elevate.

I’m going to “Add” a “New Executable Policy” for Process Monitor. I’m going to “Use simple rule” here. I’m going to use a “Hash” rule, so just this particular version of Process Monitor, not an old version, not a new version. Again, you’ve probably seen me do this in other videos.

I’ll go ahead and click “Procmon” here, and I’ve got it. Here’s the new secret thing: “Apply on demand.” We’re going to “Run with elevated privileges” but only when the user says they need to themselves. We’ll go ahead and click on “Next.” We’ll give it a “Name” automatically and click “Finish.”

We’ll go over to the endpoint. We’ll run GP Update (“gpupdate”) and see the result of what we just did. Give this a second for this to finish up. Okay, let me close this out.

Now let’s go ahead. What if we double click “Procmon”? Again, we’re going to get prompted for UAC. But now they can right click and “Run with PolicyPak” and because we have this rule in place it will self-elevate whenever they need to. This is great for developers or for advanced users who don’t want an application to run all the time because of the rule you have in place. It will only run the rule on demand. It’s, again, as simple as right clicking, “Run with PolicyPak” and you’re off to the races.

Hope this helps you out. If you’re looking to get started with PolicyPak, you can start your free trial by going to PolicyPak.com and clicking on Webinar/Download.

Thanks so very much, and talk to you soon.

  • 629
  • 02-Jul-2019
  • 291 Views