Using the default self-elevation users can give justification and launch applications with administrator rights (for details, go to Self-Elevation). The following steps allow users to request elevation, but not to add administrator rights to the application.
- In the Security Manager Console, click Policies.
- In the file library in the left pane click Policies > Arellia Solutions > Application Control > Actions > Messages > Advanced.
- Right-click Justify Application Elevation Action and click Clone.
- Right-click the cloned message and select View as XML.
- Click Edit.
- Navigate to <terminateExitCode>100</terminateExitCode> and change the 100 to 0.
- Then click Import at the bottom of the XML Viewer.
- Next navigate to the User Requested Elevation Justification Policy.
- Change the Application Actions to the clone of the Justify Application Elevation Message and also leave the Add Administrator Rights
- These requests will then be viewable in the Event Summary and Acknowledgement Viewer.
Doing the above steps will allow Arellia Application Control to work correctly but will not continue adding administrative rights to a program after a justification is given because the terminateExitCode change from 100 to 0.