Versions Compared

Old Version 9

changes.mady.by.user Max Pinion (Deactivated)

Saved on

compared with

New Version 10

changes.mady.by.user Max Pinion (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Self-Elevation Without Adding Administrator Rights will capture the reason and close the application. (For details on how to create this custom message, go to [READY] Self-Elevation Without Adding Administrator Rights.)  
  2. Self-Elevation will capture the reason and allow end users to automatically have administrator rights. (For details on how to create this custom message, go to [READY] Self-Elevation.)
     
  3. Request Elevation will capture the reason and go through an approval process with the help desk. (For details on how to create this custom message, go to [READY] Request Elevation.)

 

To override UAC promptsOverriding UAC prompts is a two-step process:

  1. Create an Environment Variable Filter.
  2. Set an Environment Variable Action.
     

To create an Environment Variable Filter, do the following steps:

  1. In the Security Manager Console, click the Policies tab.
  2. In the file library in the left pane, navigate to Policies > Arellia Solutions > Application Control > Filters > Dynamic Filters > EnvironmentalVariables. 
  3. Right-click Environment Variables and click New > Environment Filter.
  4. In the Create Item dialog, enter a Name and Description.

     
  5. Set the variable Name to __APPINFO_RUNADMIN and set the Value of 1.
  6. In the Match Type menu choose Partial.
  7. Click Save.


  8. Save the filter
    9. Navigate

To set an Environment Variable Action, do the following steps:

  1. In the file library in the left pane, navigate to Policies > Arellia Solutions > Application Control > Actions > Environment Variables Variables.
  2. Right-click Environmental Variables and select Variables and click New > Set Environment Variable Action Action. 
  3. Give the action a name, such as Clear UAC dialog
  4. Set the Environmental Variable name to "__APPINFO_RUNADMIN" and empty value
  5. Save the action (this action is used to prevent the UAC prompt from showing)
  6. Navigate to Policies > Arellia Solutions > Application Control > Policies 
  7. Right-click Policies and select New > Blank Application Control Policy 
  8. Set the application target to the new UAC detected filter from step 2
    1. Optionally you can change this so only certain applications or certain users will have the UAC prompt overridden

  9. Under Exclude conditions add the Administrators filter to stop child processes (which inherit elevation) from triggering this policy
  10. Click on the Application Actions tab and set the action to the Clear UAC dialog action from step 6
  11. Also set the action to include one of the following:
    1. Add Administrator Rights, and Justify Application Elevation Dialog (will behave like [READY] Self-Elevation)
    2. Add Administrator Rights, and Justify Application Elevation (kill process) Dialog (will behave like [READY] Self-Elevation Without Adding Administrator Rights)
    3. Add Administrator Rights, and Approval Request Form Action (will behave like [READY] Request Elevation)
  12. Save the policy and update the policies on an endpoint. Test the policy by right-clicking Command Prompt and selecting Run as administrator 
  13. Instead of seeing UAC, you should see the custom message
  14. The recorded response will then be sent to the Arellia Management Server where it can be reviewed by the help desk team.

...