Using Application Control Solution you can override UAC prompts for end-users. You can create custom messages that require users to submit a reason for requesting administrator rights, which replace UAC prompts for credentials.
You can create three types of custom messages: (For details on how to create this custom message, go to
- Self-Elevation Without Adding Administrator Rights will capture the reason and close the application. (For details on how to create this custom message, go to [READY] Self-Elevation Without Adding Administrator Rights.)
- Self-Elevation will capture the reason and allow end users to automatically have administrator rights. (For details on how to create this custom message, go to [READY] Self-Elevation.)
- Request Elevation will capture the reason and go through an approval process with the help desk. (For details on how to create this custom message, go to [READY] Request Elevation.)
To override UAC prompts, do the following steps:
- In the Security Manager Console, click the Policies tab.
- In the file library in the left pane, navigate to Policies > Arellia Solutions > Application Control > Filters > Dynamic Filters > Environmental Variables.
- Right-click Environment Variables and click New > Environment Filter.
- In the Create Item
- Set the variable name to __APPINFO_RUNADMIN with a value of 1
- Set the Match Type to Partial
- Save the filter
- Navigate to Policies > Arellia Solutions > Application Control > Actions > Environment Variables
- Right-click Environmental Variables and select New > Set Environment Variable Action
- Give the action a name, such as Clear UAC dialog
- Set the Environmental Variable name to "__APPINFO_RUNADMIN" and empty value
- Save the action (this action is used to prevent the UAC prompt from showing)
- Navigate to Policies > Arellia Solutions > Application Control > Policies
- Right-click Policies and select New > Blank Application Control Policy
- Set the application target to the new UAC detected filter from step 2
- Optionally you can change this so only certain applications or certain users will have the UAC prompt overridden
- Under Exclude conditions add the Administrators filter to stop child processes (which inherit elevation) from triggering this policy
- Click on the Application Actions tab and set the action to the Clear UAC dialog action from step 6
- Also set the action to include one of the following:
- Add Administrator Rights, and Justify Application Elevation Dialog (will behave like [READY] Self-Elevation)
- Add Administrator Rights, and Justify Application Elevation (kill process) Dialog (will behave like [READY] Self-Elevation Without Adding Administrator Rights)
- Add Administrator Rights, and Approval Request Form Action (will behave like [READY] Request Elevation)
- Save the policy and update the policies on an endpoint. Test the policy by right-clicking Command Prompt and selecting Run as administrator
- Instead of seeing UAC, you should see the custom message
- The recorded response will then be sent to the Arellia Management Server where it can be reviewed by the help desk team.