Skip to content

Case 1: Users regularly run a set of applications with admin rights to fulfill their responsibilities

To grant the required permissions to users who might regularly need to run a specific set of applications with admin rights, Securden EPM Cloud Edition provides a policy-based privilege elevation provision. To test policy-based privilege elevation, follow the steps below:

Step 1: Create a privilege-elevation policy

1) In the Securden EPM web interface, navigate to Privileges >> Application Policies >> Add Policy.

Adding Control Policy in EPM

2) Select the policy type in accordance with the operating system on the endpoint. For explaining the process, we will assume that the endpoint is running on Windows.


Policy Type Options in EPM

3) Give a suitable name for the policy for identification purposes.

4) Select the application elevation preferences. For testing purposes, we can select Elevate with local administrator privilege.

5) Select the required application(s) by searching the field.

Selecting Applications and App Groups to Add to Policy in EPM

6) Select the devices on which this control policy should be enforced. You have the option to associate the policy with all the devices available in Securden. You can also associate the policy with specific devices.


Select Computers and Groups to Add to Policies in EPM

7) Select the users to which this control policy should be associated.

8) When associating the policy with specific devices and specific users, you can associate the policy with local user accounts.


Associate Users with App Control Policy in EPM

Note

Users added to Securden from Azure (Entra ID) and AD will be available under Associate Policy with Users/User Groups in Securden. If you want to associate the policy with local users on the selected endpoints, then you need to search and add them in the field Associate with Local Users.

9) Click Save.

Step 2: Elevating the application on the endpoint

Once the policy is enforced, we can test running the associated application with admin rights on the endpoint associated with the policy.

  • In the endpoint, right-click on the app and click Run with Securden Privilege to run the app with admin rights.


Privilege Elevation Using Context Menu

  • Alternatively, you can use the command prompt to run the app with admin rights. Open the command prompt and prefix secudo with the exact command that you need to run to start the application from the command prompt.


Privilege Elevation Using Command Prompt

  • You can also try right-clicking on the application and clicking Run as Administrator. The User Account Control prompt will pop up and ask you to provide administrator credentials.


UAC Prompt Securden Popup

  • Along with the UAC prompt, the Securden pop-up will also be displayed. You can simply click Proceed and the application will be run with admin rights.

Now, you can test by running different apps with admin rights that are not covered in the policy. A Securden pop-up will be displayed stating that you do not have the required permissions to run this app with admin rights. Here you can place a request with the EPM administrator to grant the required permissions. The steps are explained in the next use case.

Securden Help Assistant
What's next?
Request a Demo Get a Price Quote
Thank you message

Thanks for sharing your details.
We will be in touch with you shortly.

Thanks for sharing your details.
We will be in touch with you shortly.