Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

Using Application Control Solution you can override UAC prompts for end-users. You can create custom messages that require users to submit a reason for requesting administrator rights, which replace UAC prompts for credentials.

You can create three types of custom messages: (For details on how to create this custom message, go to

  1. Self-Elevation Without Adding Administrator Rights will capture the reason and close the application. (For details on how to create this custom message, go to [READY] Self-Elevation Without Adding Administrator Rights.) 
  2. Self-Elevation will capture the reason and allow end users to automatically have administrator rights. (For details on how to create this custom message, go to [READY] Self-Elevation.)
  3. Request Elevation will capture the reason and go through an approval process with the help desk. (For details on how to create this custom message, go to [READY] Request Elevation.)

 

Overriding UAC prompts is a -step process:

  1. Create an Environment Variable Filter.
  2. Create an Environment Variable Action. this action is used to prevent the UAC prompt from showing
  3. Create a Blank Application Control Policy.
     

To create an Environment Variable Filter, do the following steps:

  1. In the Security Manager Console, click the Policies tab.
  2. In the file library in the left pane, navigate to Policies > Arellia Solutions > Application Control > Filters > Dynamic Filters > EnvironmentalVariables. 
  3. Right-click Environment Variables and click New > Environment Filter.
  4. In the Create Item dialog, enter a Name and Description.

  5. Set the variable Name to __APPINFO_RUNADMIN and set the Value of 1.
  6. In the Match Type menu choose Partial.
  7. Click Save.



To create an Environment Variable Action, do the following steps:

  1. In the file library in the left pane, navigate to Policies > Arellia Solutions > Application Control > Actions > Environment Variables.
  2. Right-click Environmental Variables and click New > Set Environment Variable Action.
     
  3. In the Create Item dialog, enter a Name and Description


     
  4. Set the Environmental Variable Name to __APPINFO_RUNADMIN
  5. Leave the Value field empty. 
  6. Click Save.

 

Next, create a Blank Application Control Policy by doing the following steps:

  1. In the file library in the left pane, navigate toNavigate to Policies > Arellia Solutions > Application Control > Policies. 
  2. Right-click Policies and click New > Blank Application Control Policy. 
     
  3. Set the application target to the new UAC detected filter from step 2
  4. Optionally you can change this so only certain applications or certain users will have the UAC prompt overridden
  6. Under Exclude conditions add the Administrators filter to stop child processes (which inherit elevation) from triggering this policy
  7. Click on the Application Actions tab and set the action to the Clear UAC dialog action from step 6
  8. Also set the action to include one of the following:
  9. Add Administrator Rights, and Justify Application Elevation Dialog (will behave like [READY] Self-Elevation)
  10. Add Administrator Rights, and Justify Application Elevation (kill process) Dialog (will behave like [READY] Self-Elevation Without Adding Administrator Rights)
  11. Add Administrator Rights, and Approval Request Form Action (will behave like [READY] Request Elevation)
  13. Save the policy and update the policies on an endpoint. Test the policy by right-clicking Command Prompt and selecting Run as administrator
  15. Instead of seeing UAC, you should see the custom message
  17. The recorded response will then be sent to the Arellia Management Server where it can be reviewed by the help desk team.

 

  • No labels