Elevate New Hardware Wizard

When you change user accounts from Administrator level to User level, you are reducing your users' level of access as way of securing your system. However, using Application Control Solution you can reduce users' privileges while allowing them to add simple hardware devices that usually require Administrator level access.

Allow users to elevate new hardware by doing the following steps:

  1. Create a filter to capture rundll32.exe. Note: You can use Process Explorer to view the actual command line which was executed when the New Hardware Wizard starts and you can use the additional information to create a Command Line filter to make it very specific when the wizard is elevated and when it is not.
  2. Create a policy for this process.
    1. Add the filter (and the command line filter if created as an include condition).
    2. Add the Application action of Add Administrator rights (as a possibly even more reduced rights option you can try adding either or both Power Users and the specific privilege to Load and Unload Device drivers instead of Administrators).
    3. Add the other necessary settings - correct Resource Target, priority, settings for child processes and enable the policy.

Note:

Most hardware additions will have the same needs, but the same settings may not work for all hardware: Test and adjust as necessary.