摘要 |
<p>Technique for allowing real time centralized administration of protected objects on client computer systems. When a user logs on to a centrally administered clients machine on a computer network, an intermediary object modification process starts in the background with administrator account permissions. Thereafter, whenever the administrative agent on the client computer system unsucessfully attempts to perform an operation on a protected object for which the logon user lacks sufficient permission to perform (218, 220), the agent passes a request (226, 312) to the intermediary process to perform the operation. The intermediary process is able to perform the desired operation because it has sufficient permission to do so even if the administrative agent does not.</p> |