User self-elevation occurs when mobile, remote, or power users need to run software that is usually run by only users with administrator-level permission. Risks can occur when users are allowed to self-elevate, so you should weigh carefully the decision whether to allow self-elevation. Application Control Solution includes a default policy that grants end users elevated rights on applications, and you can also modify the policy to gather feedback from end users.
Enable
...
self-
...
elevation
To enable self-elevation, do the following steps:
- From the Arellia Thycotic Security Manager Console, click the Policies tab.
- In the file library in the left pane, navigate to Application Control > Policies > Privilege Management.
- Click User Requested Run As Administrator Policy.
- In the right pane, click the red Off button to enable the policy.
For further details about enabling self-elevation, go to Application Control Agent Configurationagent configuration.
Testing
Test the self-elevation policy that users will see by doing the following steps:
...