I discovered the other day( I'm abit slow ) that when working on another PC that is running a restricted account that I can run task manager from the restricted account with admin credentials using the 'run as command', which is handy if you want to kill processes instead of having to log off/on all the time.
I was thinking how time saving for an admin of a large network if he/she needed to go to the machine to fault find and they had a piece of hardware(mouse) that was recognised by the network as the admin mouse thus as soon as its plugged into any machine there is no need to log off/on or type in passwords into the run command(always little eyes lurking to see admin password ).

I know network cards have mac addresses but do all types of hardware have these addresses? and if so do they vary from model to model or is there any way to differentiate between two pieces of hardware?

In brief, MAC addresses are only related to network stuff. There's no way to identify a piece of hardware as unique if the hardware itself doesn't offer the possibility to query the serial number via software, and even then both MAC addresses and SN can be changed if they can be flashed. For NICs it can even be much easier than that because some drivers allow to change the MAC address via software.

Quote from CSU1 :

I was thinking how time saving for an admin of a large network if he/she needed to go to the machine

The number of times you actually need to go and be physically at the machine is quite low tbh. Usually if this is the case then you've got bigger things to worry about

Quote from the_angry_angel :

The number of times you actually need to go and be physically at the machine is quite low tbh. Usually if this is the case then you've got bigger things to worry about

How sadly true.
- I cannot start the remote control software on the server, there's only a black screen with something written on it.
- What does it say?
- That there's a problem reading a file.
- Which file?
- \windows\system32\config\system
- ...
- You still at the phone?
- Not for long. I'll be there as soon as I can.

Quote from the_angry_angel :

The number of times you actually need to go and be physically at the machine is quite low tbh. Usually if this is the case then you've got bigger things to worry about

Do you think an 'admin mouse'(optical mouse for example) that is recognised by the server as admin mouse thus running all windows with your credentials would be time saving?

So here is the scenareo.

Admin gets a phone call about whatever, some problem with a machine. After failing to find the fault through whatever remote software he/she uses, the admin must now go to the machine.
So he grabs admin mouse and as soon as he puts the optical mouse on the table and clicks on an application the mouse has already entered his credentials through the 'run as command'.
What has happened is 1) there was no need to log off and on, 2) there was no need to manually 'run as' admin 3) the possibility of prying eyes seeing the admins password is removed, which if in a large office with loads of messers around you dont want.

I just know how frustrating it can be for an admin of a large office network as I myself actively waged war against my admin after he block me from LFSforum.net(I believe there's a thread around here somewhere on that, really though I had keyloggers and camera phones set up only to name a few

-------------------------------------------------------------------------------------

Quote from Albeig :

In brief, MAC addresses are only related to network stuff. There's no way to identify a piece of hardware as unique if the hardware itself doesn't offer the possibility to query the serial number via software, and even then both MAC addresses and SN can be changed if they can be flashed. For NICs it can even be much easier than that because some drivers allow to change the MAC address via software.

Ok, so a standard optical mouse has no chance of offering a unique id for itself.

Quote from CSU1 :

Do you think an 'admin mouse'(optical mouse for example) that is recognised by the server as admin mouse thus running all windows with your credentials would be time saving?

Although the question isn't for me, I think I have enough expertise to answer in short: no.
Anyway, what you're proposing could be much more safely obtained through biometric authentication. Here's an example.
If you mean to do it in a cheap way, I'll just remember that cheap and safe are terms that generally don't go well together in system administration.

Quote from Albieg :

Although the question isn't for me, I think I have enough expertise to answer in short: no.
Anyway, what you're proposing could be much more safely obtained through biometric authentication. Here's an example.
If you mean to do it in a cheap way, I'll just remember that cheap and safe are terms that generally don't go well together in system administration.

I'll agree with Albieg. Imagine if that mouse/item got stolen. You've then got a much larger issue on your hands.

As for biometrics - currently they're just as bad imho.

Tbh the fact you went after your sysadmin is a bit concerning. Unless he was a total dick, he wouldn't have done it without prior consent, or request, from one of your superiors.

Quote from the_angry_angel :

As for biometrics - currently they're just as bad imho.

Bad for me too and unnecessary in most cases, but still safer than devices that could be stolen/replicated easily.

Those usb sticks with the finger print thingy have been around a while now, and once unlocked and plugged into the machine all the data can be easley read.

About the admin at the time, he was a total dick, he wouldnt even let staff go onto the national postal service, SDS sites etc.etc....paranoid freak.

Who said anything about cheap Albieg?

I imagine those usb/bio things arent really safe as you need to plug them into the machine and it might be too late before you discover data has leaked from the stick.

Im just curious what tools admins use to keep p.words etc...

Quote from CSU1 :

I imagine those usb/bio things arent really safe as you need to plug them into the machine and it might be too late before you discover data has leaked from the stick.

Im just curious what tools admins use to keep p.words etc...

Those dongles are authentication devices. No data is kept in them, except what comes from your fingerprints and from asymmetric authentication tokens. You'd have to crack a centralised authentication database to override that and that's not so easy.
What to do to remember passwords? Memory and method. And Truecrypt for important data you have to hide.