Some time ago, I posted about this wiki (which has a lot more information, now) — nonadmin.editme.com. The idea is to run Windows normally using a non-admin account. There are some very nice security benefits to this; in fact, this is one of the best security features of most Linux-based operating systems (except the dreaded Linspire). The problem is, that Windows was seemingly designed with the idea that the primary user would be the administrator, and would be logged in as such all the time. In other words, even if you want to improve your security by running as a normal user, Windows is designed in such a way as to make a lot of things extremely difficult if you do this.
I decided to look around on this topic again, and found Aaron Margosis’ WebLog — the Non-Admin blog!
There look to be some pretty handy tips on here. The major challenge, unfortunately, is third party programs which, for some insidious reason, will only work properly when the user is an administrator. Palm software seems to be an offender on this count. Recently I installed an Outlook extension (PlanPlus) by Franklin Covey… several days of errors later, we concluded that this, also, needed to be run as admin. I’m still looking for a solution to this one, as I’d prefer to find a way to make it work without the user being in the administrators group. Hopefully Vista, if it does anything right, will get this right.
