Saturday, March 24, 2018

windows - Elevated command prompt without prompting




I have the following situation on a set of servers (Windows Server 2008 R2):




  • Domain User A (local administrator) launches cmd.exe on server 1. This is launched as elevated (seen in title Administrator:*).
  • Domain User B (local administrator) launches cmd.exe on server 1. This is launched as an elevated command prompt.
  • Domain User A (local administrator) launches cmd.exe on server 2. This is NOT launched as an elevated command prompt.
  • Domain User B (local administrator) launches cmd.exe on server 2. This is NOT launched as an elevated command prompt.
  • Builtin administrator launches cmd.exe on server 2. This is launched as an elevated command prompt.





All cmd.exe launches are without prompting.
For all command prompt shortcuts the advanced setting for "Run as Administrator" is switched off.



There seems to be a different setting that causes the same effect as the "Run as Administrator" checkbox. I cannot find the setting, however (neither in the system nor online). The machines are part of the same domain (and domain policy). It seems to be a machine setting, since for the normal users the behavior is equal. Only the builtin\administrator works differently.



What is the setting?




P.S. The setting "Run as administrator" works fine to mimic the behavior, but I would like to understand the situation as I have it.



Things checked (based on comments):




  • What I also see is that if you launch the run dialog it already displays the message "This task will be created with administrative privileges"

  • I have also checked this AppCompatFlags setting, but it has not been set: https://superuser.com/a/697002/1030237


Answer



While there might be multiple possible causes for command windows being administrative by default, if Explorer is running elevated that is a sure sign that User Account Control has been disabled.




On Windows 7 or Server 2008 R2 this may be because the UAC slider has been set to "Never Notify".



On Windows 10 or Server 2016 the only way to disable UAC that I am aware of is by setting the local security policy option "UAC: Run all administrators in Admin Approval Mode" to Disabled.
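
To compare the two servers against the explanation in the answer, the following added example (not part of the original question or answer) reads the registry values behind the UAC policy options and reports whether the current console is elevated. The function name `Get-UacState` is hypothetical; the code is written to run on the PowerShell 2.0 that ships with Server 2008 R2.

```powershell
# Added example: report the UAC-related machine settings and the elevation
# state of the current process. Run it in a console on each server, as each
# user, and compare the output.
function Get-UacState {
    # Backing store for the "User Account Control: ..." security options.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $p   = Get-ItemProperty -Path $key

    # Does the current process token carry the Administrators group as an
    # enabled group, i.e. is this console elevated?
    $id        = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    $elevated  = $principal.IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)

    New-Object PSObject -Property @{
        Computer                   = $env:COMPUTERNAME
        User                       = $id.Name
        ProcessElevated            = $elevated
        # 0 = UAC off: every administrator gets a full token ("Run all
        #     administrators in Admin Approval Mode" = Disabled).
        # 1 = UAC on: administrators get a filtered token until they elevate.
        EnableLUA                  = $p.EnableLUA
        # 0 = elevate without prompting; 5 = default consent prompt.
        ConsentPromptBehaviorAdmin = $p.ConsentPromptBehaviorAdmin
        # 0 or absent = the built-in Administrator account is exempt from
        #     Admin Approval Mode and always runs elevated.
        FilterAdministratorToken   = $p.FilterAdministratorToken
    }
}

Get-UacState | Format-List
```

A change to `EnableLUA` only takes effect after a restart, so a machine that has not been rebooted since the change can show a registry value that does not match its running behavior.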

