You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

Before you request Local Administrative Rights, please check the macOS and Windows Self Service portals located on EVERY Staff/Fac computer on campus.

To learn more about this tool and its proper usage, visit the Self Service Knowledge Base page!

This computer system is the property of Christopher Newport University and it is for authorized use only. By using this system, all users acknowledge notice of, and agree to comply with, the University’s Acceptable Use of Computing Resources Policy (6010). Unauthorized or improper use of this system may result in administrative disciplinary action, civil charges/criminal penalties, and/or other sanctions as set forth in the University’s Policy. By continuing to use this system you indicate your awareness of and consent to these terms and conditions of use.

https://cnu.edu/public/policies/policy/its-information-technology-policies/cnu-policy-6010_acceptable_use_of_computing_resources_policy.pdf

Overview: 

Administrative Rights are elevated access privileges on end-point devices. Local Administrative access to University-owned assets are reviewed and approved on a case by case basis. Users with a documented and justifiable need for administrator access to their computers can request local administrator access to their university-owned computer.  

Administrative rights are limited to comply with the VITA SEC501 and Christopher Newport University's Account Management Standard.


What are local Administrative Rights Used for:

  • ITS Staff to troubleshoot systems
  • ITS Staff to install software
  • Faculty/Staff with specialized computing requirements that cannot be met by ITS Technical Services
  • Documented job function is primarily IT related

What local Administrative Rights are NOT used for:

  • End-users to perform system updates or configuration changes
  • Installing or uninstalling software
  • Adding system resources or components


Local Administrative Rights are a privilege and are reviewed and approved by the Information Security Officer.  Approved, Local Administrative accounts are reviewed every ninety (90) days and will be terminated without notice for non-use and/or abuse of privileges. 


Request Process:

  1. Discuss the viability and need with your department head.  Access is only approved for experienced computer users with a compelling need.

  2. Fill out the attached Privileged Account Request Form (located below), and have your department head sign it. 

  3. Once approved by the department head, the completed form should be submitted to the Provost or appropriate Vice President for approval.

  4. Create a Help Desk Ticket Request, attach the approved Privileged Account Request Form.

  5. The Information Security Officer will review your request upon submission. 

Approved Local Administrator Accounts Terms and Conditions:

  • This account will only be used when performing actions that absolutely require local administrator rights. All other activities will be performed under a regular user account.
  • Only properly licensed software is to be installed on this workstation. Licensing information for any copyrighted software must be forwarded to the ITS Helpdesk, where it will be available to Commonwealth auditors on request. (If you need assistance with this procedure or would like to purchase software, please contact the Helpdesk.)
  • No new local‐user‐access accounts will be created nor existing accounts elevated. (In the event such additional accounts are needed, please contact the Helpdesk.)
  • Any hardware modifications, deletions or additions to University computer equipment must be conducted by IT Services. Peripheral equipment including printers, USB‐devices. and PDAs are not restricted by this provision.
  • Software installed by the University will be neither modified nor removed.
  • Network settings will not be modified. (The addition of Wireless Networks is allowed)


Local Administrator Account Enforcement

  1. By signing the Privileged Account Request Form, the user acknowledges and agrees that any breach of this Agreement by the user will cause harm to the University and/or its employees or students.  User must agrees that if a breach of this Agreement is committed, Christopher Newport University shall have the right to take disciplinary action against me and to otherwise enforce this Agreement.
  2. User also agrees to follow the Christopher Newport University Acceptable Use of Computing Resources (6010) and all Christopher Newport University Information Security Policies and Standards


Questions regarding these procedures may be directed to the Information Security Officer iso@cnu.edu 


If this didn't resolve your issue:

or call (757) 594-7079
  • No labels

Submit a helpdesk ticket: https://help.cnu.edu