• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

Allow non-admin accounts change Norton settings

Hello,

In the past I used Norton 360, where there was an option to allow non-admin users to change Norton settings and allow content it has blocked. I can't find this option in this new Norton Security software (version 22.5.2.15, Finnish, Windows 10 x64). If this feature isn't in this program yet, is it something that will be added in future updates? I've found and enabled the same setting that was in 360 also, password protect Norton settings. Thanks.

Labels: Windows 10

Replies

Accepted Solution
Kudos1 Stats

Re: Allow non-admin accounts change Norton settings

Non Admin has been removed and Settings Password Protection is under Administrative Settings > Product Security.
As I recall Non Admin removed as security hole > only Admin should have access. 
Hows NS 22.5.2.15 on W10  > hope okay. 

Kudos0

Re: Allow non-admin accounts change Norton settings

Yes, the password protection I found. So what would be easiest in this version if I need to make exlusions or something? Log in to admin account and do the change? Would be nice if I could just give the Norton's own password and change the settings with normal user account like in 360. Any chance this option will be added?

Kudos0

Re: Allow non-admin accounts change Norton settings

Yeah, product design is over my pay grade.  Seems thinking is certain settings rooted with Admin.  I only run Admin so, I'm not best to evaluate lack of Non Admin. 

Kudos0

Re: Allow non-admin accounts change Norton settings

I've now encountered this too. I've not upgraded my NIS for over a year I think. Last night I installed the latest NIS. Symantec have made some detrimental changes that I hope you will correct soon. I never use my Win7pro64 computer with administrator rights. I was accustomed to configuring NIS so I could adjust the settings from within the windows non-admin user account. This is no longer possible; I can guess why you made this change. However, running NIS with runas/adminstrator from within the windows user account also doesn't allow me to change settings. The only way I can adjust the settings is to log in as the windows/administrator. I could probably live with that but the only was to access your help pages is to fire up a browser and I NEVER run a browser in administrator mode so how do you expect your users to adjust the settings and consult your help pages at the same time without accessing the www and running the computer in adminstrator mode? Buy a second computer? Your measure to deny runas/admin in usermode forces your users to browse the web in adminstrator mode to access the help pages. Why? Now you force the user to open the browser (running java/flash ... ) as an administrator. Please correct this fault urgently because in my view NIS is now broken from the previous version I was using. See attached image in pdf from running NIS through runas/administrator from the user account. Note the detailed settings options are greyed out.
Kudos0

Re: Allow non-admin accounts change Norton settings

Norton's measure to deny runas/admin in usermode forces your users to browse the web in adminstrator mode to access the help pages. Why? Now you force the user to open the browser (running java/flash ... ) as an administrator. Please correct this fault urgently because in my view NIS is now broken from the previous version I was using.
Kudos0

Re: Allow non-admin accounts change Norton settings

Hello

This is primarily a user to user Forum. If you have changes which you would like to be made, you can make a Thread in the Product Suggestion Forum. You only need the Admin Account to make changes to your Norton product settings. This is done to protect your product so that if some one else uses your computer even with your permission, they can't change your settings. Once you have made your settings, then you can go back to your user account if you so desire. I use Admin all the time, so I also don't have your issue.

Hello JaniN_83

In case you are not aware, the current version is 22.6.0.142. If you want to get that version please run Live Update until it says you are up to date restarting as directed. After you are all updated, restart one more time.

Thanks.

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.18.0.213 Core Firmware 282 I E 11 Chrome latest version.
Kudos0

Re: Allow non-admin accounts change Norton settings

floplot:

You only need the Admin Account to make changes to your Norton product settings. This is done to protect your product so that if some one else uses your computer even with your permission, they can't change your settings.

Wouldn't the password protection option already accomplish that even more effectively - especially since without password protection anyone using the computer from an administrator account could make changes to Norton?

While Symantec has not said precisely what security considerations were behind removal of the non-admin access to Norton settings option, one must assume that the option essentially gave a standard user account escalated privileges that posed a substantial risk to Norton, the system, or both.  While I agree with the point that this means clicking a help link from the settings windows will open a browser in an administrative account, I am sure the danger posed by allowing access to the settings by something running in a limited account was probably deemed a greater risk.

Kudos0

Re: Allow non-admin accounts change Norton settings

I've just finished a chat session with Norton Support, to find out how to temporarily disable NIS under a non-admin account - and to ask where the setting to allow "Non-Admins Access to NIS Settings" - which used to exist in NIS - has disappeared to. He explained that "you need to set administrator privilege on your non administrator account so that you can use Norton product fully" - and "it is not an insecure practice. New Norton product has better security. If you use Administrator account then you will not lose any security. Norton will secure your device with full potential in administrator account..."

I am flabbergasted. Norton are advising me to use an admin account for everyday use so Norton Internet Security will run effectively. I have worked in IT many years and it is most definitely a VERY, VERY BAD idea to encourage people to use an admin account for everyday use. What are Symantec thinking!

Kudos1 Stats

Re: Allow non-admin accounts change Norton settings

I hope the information you received from the support agent is just an issue with language interpretation. If you gave direct quotes from your chat session, it looks like they told you that Norton will fully protect you while in a Windows admin account, which is required if you want to change any Norton settings. From what you quoted, I see no indication they are suggesting you use this account for everyday use.

Things happen. Export/Backup your Norton Password Manager data.
Kudos0

Re: Allow non-admin accounts change Norton settings

It might have been partly a language issue, but I was initially shocked by what I appeared to be being asked to do - it certainly seemed that "you need to set administrator privilege on your non administrator account so that you can use Norton product fully" implied I should switch to using an admin account on an on-going basis.

Of course, I reached this stage after searching around on the web to find what had happened to the missing functionality - and no where did I come across any official Norton advice (nor indeed any Norton comment at all) about the removed functionality. No where did I read that it had been removed because of security holes - and, although very inconvenient, what you should do if you want to temporarily disable the firewall, is switch temporarily to an admin account, disable the firewall, but then switch back to your non-admin account to continue.

I have worked in IT for many years, and immediately knew that switching to using an admin account would be an appalling stupid thing to do - most ordinary users won't understand this, and will think that is exactly what Symantec has told them is the right thing to do.

Kudos0

Re: Allow non-admin accounts change Norton settings

JA0000:

I have worked in IT for many years, and immediately knew that switching to using an admin account would be an appalling stupid thing to do - most ordinary users won't understand this, and will think that is exactly what Symantec has told them is the right thing to do.

Unfortunately, most "ordinary users" are probably already running as administrator.  Those who are running as standard users probably understand, as you do, the security benefits of doing so.  I think the miscommunication lies in the fact that a company's support agents are trained and narrowly focused on making sure the product itself works for the customer.  They are not Steve Gibson.  The advice you got was correct as it pertains to the product - to have access to all settings, you need to be running as administrator, and doing so does not lessen the protection that Norton itself provides.  Of course this does not take into consideration other security best practices, which are probably beyond a CSR's purvue.

This thread is closed from further comment. Please visit the forum to start a new thread.