Re: Use of credentials with UAC in vista
- From: "Toad" <toad@xxxxxxx>
- Date: Wed, 20 Aug 2008 03:29:25 GMT
Mr. Bean wrote:
"Mr. Arnold" <MR. Arnold@xxxxxxxxxx> wrote in
news:e5Qk5ahAJHA.3728@xxxxxxxxxxxxxxxxxxxx:
An admin on vista is locked down to a Standard user secuirty token,
until such time it needs to use the Admin Full rights Secuirty
token, the the admin's rights are ecalated to Full Admin rights, as
being discussed in the links.
http://news.softpedia.com/news/Admin-Approval-Mode-in-Windows-Vista-
453 12.shtml
http://technet.microsoft.com/en-us/library/cc709691.aspx
There is another account on Vista that has Admin Full Rights on
Vista, with UAC enabled.
<http://www.computerperformance.co.uk/vista/vista_administrator_acti
vat
e.htm#Summary_of_Vista_Administrator_-_Super_User_(Hidden_Account)>
This is what is wrong with Vista IMO. They took away the ability to
run the OS how I want. I don't want UAC running and prefer to use a
limited user account without UAC. But the problem with that is that
in Vista if you run under a limited user account you can't run
anything with admin privileges if something needs it like you can on
XP. The run as admin command is there but it just runs the exe
without admin privilieges and never asks for admin user name and
password. That means I have to log back into the admin account
whenever I need to run a prog that needs admin access. I don't have
to do that on XP so in this way Vista is worse than XP. I hope they
change this in Windows7 because how I choose to run the OS should be
a users choice and not enforced by Microsoft. I ran withy UAC for a
long time but finally got fed up wityh it so created a limited user
account instead so that when I am connected to the internet I still
have good protection from malware etc. That's how I have always run
XP and is how I would prefert to run Vista too. UAC is for the dweebs
who never ran XP under a limited user account.
I run as a limited user on Vista. What I did was write my own service
called "Superuser Manager" that if and only if my limited user account
is a member of the Superuser group (which only can be changed using a
admin account), then when I log in using my limited user account, the
service adds me to the Administrators group. Then, when I "run as
administrator" something, I am prompted for my own password (Note that
I named my admin account zadmin so that is shows up after my own LU
account so that my LU account is the default) and the program runs as
me with admin rights - I do not have to enter my admin accounts
password at all. When I logoff, the service removes me from the
Administrators group for the next logon. I use the same technique on XP
(where you can do it with a service or a winlogon DLL which is not an
option on Vista).
The real problem with UAC is that you should only ever enter your own
password - if you know an admin account password, then why wouldn't you
just log on as that user to begin with ? (at least in a real multi-user
computer situation).
Toad
--
.
- References:
- Use of credentials with UAC in vista
- From: kapibarra
- Re: Use of credentials with UAC in vista
- From: Mr. Arnold
- Re: Use of credentials with UAC in vista
- From: Mr. Bean
- Use of credentials with UAC in vista
- Prev by Date: Re: Sidebar - it's gone and won't come back!
- Next by Date: Re: stop animation
- Previous by thread: Re: Use of credentials with UAC in vista
- Next by thread: Re: Use of credentials with UAC in vista
- Index(es):
Relevant Pages
|
