- Microsoft Remote Server Administration Tools for Windows Vista for x64-based Systems (KB941314)
- Microsoft Remote Server Administration Tools for Windows Vista (KB941314)
When running the admin tools, we need to be prompted by UAC for credentials so that we can authenticate in the management console as domain admin.
If, however, we are working on a Windows Vista workstation where the user account has local admin priviledges, then the UAC will only prompt to continue on into the admin consoles.
This will not work for managing servers as that elevation is local admin only.
We need UAC to prompt for credentials every time. To do this we do the following:
- Start
- GPEdit.msc [Enter]
- Navigate to: Local Computer Policy --> Computer Configuration --> Windows Settings --> Security Settings --> Local Policies --> Security Options:
UAC Prompt: Behaviour for admins
- Change the default from "Prompt for Consent" to "Prompt for credentials"
UAC Behaviour Options
- Click Apply and OK
- Close the Local Group Policy Editor
This setting is machine specific, so any users of the machine will need to enter their domain credentials if they are presented with a UAC prompt. Keep this in mind for systems that are used when at the client site for server management.
Thanks to Josh's Windows Blog for providing us with the tip: Windows Vista Tip: Run as administrator.
Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.
2 comments:
You can still use "runas /user:domain\administrator C:\path\to\snapin.msc" to achieve this without changing UAC.
ShellRunAs is a nice GUI way of doing this, also without requiring changing UAC.
Chris,
Thanks for the pointers.
I will look into them as an alternative.
Having credentials being requested has not been too much of a hassle yet ... but anything that saves a bit of time is an asset.
Thanks,
Philip
Post a Comment