Forum Discussion
Endpoint Privilege Management - "Run with elevated access" only required once?
Hi, I am just evaluating EPM and I just wanted to clarify the functionality. I've deployed my settings policy and created a rule to allow a specific app to run with evaluated privileges. The po...
Hi Rudy_Ooms_MVP
Thanks for the response, yes the policy is set to automatic but the question I was trying to ask, apologies if I wasn't clear, is why on first clicking of a approved privileged app it would cause the UAC prompt to appear and require the user to use the "Run with elevated access" command then after that the user can just double click the app and it will load i.e. not having to go through the "Run with elevated access" process. I am trying to document the process for users so I am just trying to understand if this behaviour is by design.
Thanks for the response, yes the policy is set to automatic but the question I was trying to ask, apologies if I wasn't clear, is why on first clicking of a approved privileged app it would cause the UAC prompt to appear and require the user to use the "Run with elevated access" command then after that the user can just double click the app and it will load i.e. not having to go through the "Run with elevated access" process. I am trying to document the process for users so I am just trying to understand if this behaviour is by design.
Which app did you configured for epm elevation? As doing this for powershell doesn't give you the uac prompt. I assume that app needs to perform some other tasks first to be able to be launched automatically. If you have the name of the app or could share some more info, i could try to see whats happening and give you the reason why that uac is shown
Rudy_Ooms_MVP I am using Rufus for testing, it's an app that requires elevated permissions to run. The policy is as follows:
- Mmm... i just added the app with the same values as you did in epm and I can launch it without getting an additional uac prompt. Did you perhaps configured any additional uac settings? that could interfere with the consentpromptbehavior settings in
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System- Thanks for taking the time to test this. I've been playing around adding other apps and they are working as you describe so I can only assume the first issue I had was a bit of a hic-up (or a issue between the seat and keyboard). Thanks for the help.