Activate admin rights - Heimdal
You can activate administrator rights on your computer for 30 minutes at a time, depending on whether you need to:
- Install or update an application.
- Run a single application as an administrator.
Find out how below.
How-to guide for PC
Install or update an application
How to start an admin session:
Step 1:
Locate the blue Heimdal symbol in the bottom right corner. Right-click it and select Request Admin Privileges.
Step 2:
Wait for the computer to authorise. You'll get two messages on the screen. The first will confirm that you have been granted access. The second will tell you how much time you have to install or update.
To check if you still have admin privileges, do the same thing again: right-click the blue Heimdal sign and select Request Admin Privileges.
IMPORTANT
While the admin session is active, you should not browse the internet or open emails from people you don't recognise. When administrator rights are active, your computer is particularly vulnerable to cyber attacks.
Step 3:
In connection with the first action that requires administrative rights, the computer will ask you for your username and password. Use your auxxxxxx@uni.au.dk username.
Then the application can be installed.
If you need to install the application on multiple computers, follow the same procedure for each one.
Note: If you have trouble installing or updating a application even after following these instructions, please contact your local IT support
Step 4:
If your session has not timed out after you have installed or updated the desired application(s), open the Heimdal window again and click Revoke to end the admin session.
Right-click the blue Heimdal sign in the bottom right corner and select Request Admin Privileges.
Note: If you have trouble installing or updating a application even after following these instructions, please contact your local IT support
Run a single application as an administrator.
If you want to run a single application as an administrator, do the following:
Step 1:
Find the application on your computer. Right-click on the program and select Run with Admin Privileges. This is the option highlighted in red below.
If you have Windows 11, first click Show more settings.
You can use this option both to run an application as an administrator or to install an application. Please note that you do not have the same full administrator rights as if you start an administrator session for 30 minutes.
Step 2:
If your session has not timed out after you have run the application, open the Heimdal window again and press Revoke to end the admin session.
Right-click the blue Heimdal sign in the bottom right corner and select Request Admin Privileges.
Run a single application as an administrator
If you want to run a single application as an administrator, do the following:
Step 1:
Find the application on your computer. Right-click on the program and select Run with Admin Privileges. This is the option highlighted in red below.
If you have Windows 11, first click Show more settings.
You can use this option both to run an application as an administrator or to install an application. Please note that you do not have the same full administrator rights as if you start an administrator session for 30 minutes.
Step 2:
If your session has not timed out after you have run the application, open the Heimdal window again and press Revoke to end the admin session.
Right-click the blue Heimdal sign in the bottom right corner and select Request Admin Privileges.
How-to guide for Mac
Install or update an application
How to start an admin session:
Step 1:
Locate the blue Heimdal symbol next to the clock on the taskbar at the bottom of the screen.
Click Privileged Access Management
Step 2:
Click the blue Elevate button
Step 3:
Wait for the computer to authorise. You'll get two messages on the screen. The first will confirm that you have been granted access. The second will tell you how much time you have to install or update.
It is not possible to revoke administrative rights before the 30 minutes are up. After 30 minutes, Heimdal will automatically revoke your admin rights.
IMPORTANT
While the admin session is active, you should not browse the internet or open emails from people you don't recognise. When administrator rights are active, your computer is particularly vulnerable to cyber attacks.
Heimdal FAQ
Read more about how Heimdal Security works and why AU chose this solution.
What do I need to do to get Heimdal?
You don't have to do anything. The Heimdal Security application will be rolled out on staff computers by AU IT.
What is the purpose of Heimdal?
Heimdal helps protect your computer and AU as a whole by keeping administrator rights locked down when they are not needed. This reduces the risk of viruses, malware or hackers gaining access to administrator rights and limits the damage in the event that a security breach does occur.
Cybercriminals gaining access to administrator privileges is one of the most common forms of cyberattack.
Heimdal was chosen because the solution gives AU's employees freedom of action in connection with their work tasks. For example, you can still install applications on your work computer yourself, because you can activate administrator rights when you need them.
How does Heimdal work and when should I use it?
Heimdal gives you temporary administrator rights on your work computer. When installing or updating applications, you must first get admin rights by activating Heimdal. You can activate Heimdal in your computer's taskbar, where you will be asked to enter your AU ID and password. See also the Hemidal how-to guide at the top of this page.
Your admin session will be active for 30 minutes, during which time you can make changes to your computer.
Just install or update the desired application as usual. After the application or update is complete, remember to deactivate Heimdal if the admin session hasn’t timed out yet.
Be aware that your computer is particularly vulnerable when administrator rights are active. For this reason, we recommend that you refrain from opening from senders you do not recognise or surfing the internet while the administrator session is active.
I have multiple computers - should Heimdal be installed on all of them?
Yes. Heimdal will be installed on all PC and Mac staff computers.
Will Heimdal be installed on Linux computers?
Heimdal will not be installed on Linux computers.
Will Heimdal be installed on lab equipment?
Heimdal will only be installed on staff computers, not on lab equipment. If you discover that Heimdal has been installed on a lab machine, this is an error. Please contact your local IT support team.
What do I do if I have problems with Heimdal?
We anticipate that most staff will be able to do their work without any problems with Heimdal installed. See the Heimdal how-to guide here.
If you are still having problems, contact your local IT support team.
And if you are one of the estimated 2-3% of university employees who we anticipate will experience problems performing your daily tasks with Heimdal installed, please contact your local IT support team in order to find a solution.
Ultimately, it's up to your management to approve whether equipment should be exempt.
What does Heimdal look at and what data does AU access?
Heimdal looks at the processes that are running while administrator access is activated. Heimdal does not monitor what else you do on your computer or what emails, files, images, etc. you have on your computer.
This means that the only data Heimdal logs is your username, computer ID and the name of the application you are installing.
AU also gets access to log files that register when Heimdal has been activated in order for the user to access admin rights and which applications have been open during this time. We may need to make use of this application history and log files if problems occur, for example if there are viruses or malware and AU IT needs to identify the source of the problems.
Below you can read which data is available to AU through Heimdal:
Accessible:
- AU user ID
- Device ID
- Application history
Not available to Heimdal:
- Browser data on the device
- Your personal email, documents, contacts or calendar
- Your passwords
- Your photos
- Location of your device
Can Heimdal be used for surveillance of my computer?
No. AU cannot see or access emails, files, images, etc.
What happens when Heimdal is installed on my AU computer?
For most people, Heimdal will have no impact on their day-to-day, regular work on the computer, and it will not interfere with your work processes. Heimdal will only affect you when you install or update applications: from now on, you will need to use Heimdal to activate administrator rights first.
What are other universities doing?
Aalborg University and the University of Copenhagen both use Heimdal Security to protect access to administrator rights on staff computers in the same way as AU. DTU has chosen a different application that works in the same way.
What is the rationale behind the introduction of Heimdal?
The senior management team has decided that IT security at AU must be increased in accordance with the minimum technical requirements for the security of IT solutions for state authorities. According to these minimum requirements, access to administrative rights on staff computers must be restricted.
On this background, AU IT recommended this solution to the central security committee (CISU) and the senior management team has approved it, as the solution will provide a higher level of IT security without requiring micro-management of user rights and installations.
Read more about AU’s information security policy
Remote Desktop with Heimdal installed
On the PC you want to access via Remote Desktop:
Open "Local Users and Groups" through Heimdal > Privileges App Control > Tools > Computer Management > Local Users and Groups
Open Groups > double clik Remote Desktop Users > click the Add button
Enter your AUid and choose "Enter the object names to select" > chose "Check Names" > OK > Apply > OK