Windows 10: Why has Microsoft not set up 'remote approval' for Admin elevation on a Standard Account...

This has been an issue for years - and post Covid, even more of an issue. There are good reasons for restricting a user to Standard account privileges for normal day-to-day operation - not just to protect the system from the user, but also from malicious activity malware, hacking, viruses, trojans etc. As an Admin I still prefer to run in a Standard account and only access the Admin User account when required.The issue is that if IT Admin no longer being immediately accessible for various reasons then the user runs into an issue with needing Admin privileges on occassion, usually in the mi

:)

 

Using same password for both Local Admin and Standard accounts?

You should not use the same password because that's almost the same thing as not having standard user account but just using administrative account.

There is a technique call "privilege escalation", and if you have same password you'll make attacker's job easier.

Keep in mind that for this to be most effective you need UAC maxed out, this way "privilege escalation" scenario is less likely.

If having separate password for each account is such a problem, make your standard user account password short, ex. max. 5 characters, because loosing control of standard account isn't problem at all for local system; important is that Admin account is min. 8 chars with complexity policy in place. (loosing Admin account means loosing everything else)

If you want to go one step further and make your accounts even more safe make sure user accounts are not enumerated during login or UAC approval.

Also important step is to prevent keyloggers from capturing your password as you type them, to ensure this does not happen never use hardware keyboard for UAC or login prompt, use virtual keyboard instead.

If you use remote access to your computer make sure CTRL + ALT + DEL is required prior to logging in.

 

User Account Control and Admin Approval mode

Thanks for the replay.

I'm not sure I have explained my problem correctly

I have a built in Com X card running som Sw that demands Admin privilegies to start up.

by setting, Run all administrators in Admin Approval mode to Disable, the Sw can starup with out user doing anything.

But i the customer access the build in PC by remote desktop the customer can change User Account Control Settings in the user control.

That possibility I would like to disable.

As I understand it that is not done by the suggestion, or do I miss understand

Br Rene

 

Elevating/Accquiring the Admin Token in Administrator vs Standard Accounts in Windows

I've recently been confused by how UAC works between Standard accounts and Administrator accounts,

As we all know, when UAC is turned on, UAC allows Standard Accounts or Administrator accounts in Admin Approval Mode to gain access to the administrator token in order to perform tasks that require administrative access to the machine - allowing us to switch
tokens without switching users,

However, it appears that switching tokens is not really what happens: A while ago, I ran an application that would modify the shell (explorer.exe). I ran the program in a Standard Account, but it needed elevated access: therefore, I used UAC to supply admin
credentials so it could complete. I did not seen any change to the shell; I then logged into the administrator account whose credentials I used and I saw that the shell in that account had been changed, which was obviously not what I wanted

It appeared to me that UAC was just basically a "Run-as user" type deal where it actually ran the program as that user. This meant that I wasn't just running it elevated: I was literally running the program as that user,

My question is: is it possible for a standard account to use the administrator token but actually run the program as a standard user and use the current user's profile? Otherwise, it seems to me that if you need to do any administrator tasks, you are pretty
much required to log in to an administrator account which defeats the whole purpose of UAC - since UAC runs a program as the administrator, rather than using just the administrator rights,

Is this separation of token and profile possible? Or do all users just have to be administrators in that case? It seems to me this would account for many organizations just granting full administrator access to all users,

Can someone please shed some light on this?

I would like to know if it would have been possible to supply an administrator token to the said program, but run that program in the current user account, not the user account of the administrator whose credentials were supplied - in other words, would it
have been possible to modify the shell in the Standard account with that program? The goal would be to launch the process as the logged in user (regardless of current privileges) with administrative rights, not as a process under an account with admin rights.

I am not referring to Admin Approval Mode or how UAC works. I already know that if UAC is set to a secure setting, even Administrators will be prompted and unless it is turned off, administrators use the standard token by default. I am talking about when
the administrator token is gained, is it possible to still run the process as the logged in user, just with the admin token? (not using Run As 'user' but maybe something like run as/with 'token'), etc... In this way, it would be using generic administrative
privileges rather than one user's administrative privileges.

Is this at all possible, or have I just pointed out a feature not in Windows by design or something?

Would I, to achieve the goal described here, have to perhaps turn the standard account into an administrator account any time anything that requires elevation needs to be done, and then turn it back into a standard account when done? Based on comments, it appears
that this is not possible and that seems to be a flaw in the OS because it makes UAC basically useless.

Hope this makes sense,