Novell ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - SOFTWARE DISTRIBUTION REFERENCE 10.3 30-03-2010 Management Manual page 151

Field Description
Executable Security Click More Options to specify the Window executable's security level.
Level
The executable can run in either the "user" space or the "system" space. By
default, the Run normal option is selected, which causes the application to run in
the "user" space and inherit the same workstation security level as the logged-in
user.
If the logged-in user's security level does not provide sufficient rights and file
access to run the executable, you can configure the executable to run in the
"system" space or as a dynamic administrator, as described below:
Run as logged in user: The executable inherits the logged-in user's
credentials. For example, the executable has the same rights to the registry
and the file system as the logged-in user.
Select the executable's initial window size: Normal, Minimized, Maximized, or
Hidden. In Hidden mode, the executable runs normally without a user
interface available. This is useful if you want the executable to process
something, then go away without user intervention.
Run as secure system user (Don't allow system to interact with
desktop): The executable is run under the Local System user and inherits
Administrator-level credentials. For example, the executable has full rights to
the registry and the file system. Because the security level is set to Secure,
the executable's interface is not displayed to the user and the executable is
only visible in the Task Manager. This option is useful when running
executables that require full access to the workstation but require no user
intervention.
Run as dynamic administrator: A dynamic administrator is an
administrator account that is created on the fly to perform certain procedures,
such as installing applications. Using a dynamic administrator is helpful when
installing applications (some MSI applications, for example) that cannot be
installed in the system space. When you select this action, the dynamic
administrator is created, it performs the required tasks, and then the account
is deleted.
When performing actions as a dynamic administrator, ensure that you select
the When action is compete option in the Wait before proceeding to next
action group box. Selecting this option ensures that the action is completed
and the process has terminated and released its resources before ZENworks
begins cleaning up and deleting the dynamic administrator account.
NOTE: Performing this action as dynamic administrator on a Windows
domain controller fails because Microsoft does not allow the use of local
administrator accounts on domain controllers.
Actions 151