Request Local Administrator Rights

Overview: 

Administrative Rights are elevated access privileges on end-point devices. Local Administrative access to University-owned assets are reviewed and approved on a case by case basis. Users with a documented and justifiable need for administrator access to their computers can request local administrator access to their university-owned computer.  

Administrative rights are limited to comply with industry best practices and Christopher Newport University's Account Management Standard.

Appropriate Uses for Local Administrative Rights

• ITS Staff to troubleshoot systems

• ITS Staff to install software

• Faculty/Staff with specialized computing requirements that cannot be met by ITS Technical Services

• Users whose documented job function is primarily IT-related

Inappropriate Uses for Local Administrative Rights
Local Administrative Rights are NOT used for:

• End-users to perform system updates or configuration changes

• Installing or uninstalling software without proper authorization

• Adding system resources or components without IT approval

NOTE: The previous paper Privileged Account Request Form has been deprecated and will no longer be accepted.

Request Process

Important: All requests must be submitted by a supervisor on behalf of the user. Users should discuss the viability and need of privileged access with their department head prior to submission. Access is only approved for experienced computer users with a compelling need.

Option 1: ERS Request

Supervisors can use the Employee Resource System (ERS) to request that Privileged Account resources be provisioned for the user. Information regarding ERS submissions can be found in the ERS documentation.

Option 2: Ticket Submission

Supervisors can submit a request through the Helpspot ticketing system, specifying the user that requires Privileged Account access.

Submit Ticket

Prerequisites:

• Users must complete mandatory annual Security Awareness Training prior to receiving a Privileged Account

• Upon reception of the request, IT Services will begin a digital signature process through DocuSign

Terms and Conditions for Approved Local Administrator Accounts

By receiving local administrator rights, users agree to the following conditions:

Account Usage

• This account will only be used when performing actions that absolutely require local administrator rights

• All other activities will be performed under a regular user account

Software Management

• Only properly licensed software may be installed on this workstation

• Licensing information for any copyrighted software must be forwarded to the ITS Helpdesk for Commonwealth audit availability

• Software installed by the University will neither be modified nor removed

• Contact the Helpdesk for software purchase assistance

Account Management

• No new local user access accounts will be created

• Existing accounts will not be elevated without authorization

• Contact the Helpdesk if additional accounts are needed

Hardware and Network

• Any hardware modifications, deletions, or additions to University computer equipment must be conducted by IT Services

• Peripheral equipment including printers, USB devices, and PDAs are not restricted by this provision

• Network settings will not be modified (addition of Wireless Networks is allowed)

Enforcement

By accepting local administrator rights, the user acknowledges and agrees that:

1. Any breach of this agreement will cause harm to the University and/or its employees or students

2. Christopher Newport University has the right to take disciplinary action and enforce this agreement for any breach

3. The user will follow the Christopher Newport University Acceptable Use of Computing Resources (6010) and all Christopher Newport University Information Security Policies and Standards.