Vista Forums - View Single Post - Disable UAC for all admins (not just for the SID -500 Administrator)but enable it for Standard Users

permalink · 10-16-2007

I want to achieve, that administrative accounts are completely free,
they shall not be restricted by UAC.
I can do that for the Root-Administrator-Account, the one with the -500
SID. But I want to free "john doe", if he is Domain Administrator.

"Elevate without prompting" is not adequate, because programs that do
not force an elevation of rights ("asInvoker") would run with the
stripped down token.

So, why can't I do that? Or: how? Any ideas?

Thanks Thorsten

10-16-2007	#1 (permalink)
Thorsten Butz n/a posts	Disable UAC for all admins (not just for the SID -500 Administrator)but enable it for Standard Users I want to achieve, that administrative accounts are completely free, they shall not be restricted by UAC. I can do that for the Root-Administrator-Account, the one with the -500 SID. But I want to free "john doe", if he is Domain Administrator. "Elevate without prompting" is not adequate, because programs that do not force an elevation of rights ("asInvoker") would run with the stripped down token. So, why can't I do that? Or: how? Any ideas? Thanks Thorsten
My System Specs