Is there a way to force a user to gain newly given local rights, without requiring the user to login again?
Assume the following scenario:
A computer is part of a Windows Domain environment. The user DOMAIN\JOHN logs on his computer, JOHNPC. The DOMAIN\Domain Users group is part of the local "Users" group on JOHNPC. So John is allowed to log onto the PC as a regular user.
If we then to remotely add John to the "Administrators" group of JOHNPC:
psexec \\JOHNPC net localgroup Administrators /add DOMAIN\JOHN
This works. If the still logged on JOHN executes
net localgroup Administrators
He will see himself as a local administrator. However, Windows does not reflect this. John is unable to run any elevated programs despite being a local admin. We notice he has to log off and log on again for Widnows to recognize his newly given local Administrator rights.
Is there a way to force this behaviour to update while John remains logged on?