Event banner

Uplevel security with Endpoint Privilege Management + Windows LAPS

Event Ended
Tuesday, Nov 28, 2023, 07:00 AM PST
Online

Event details

It's simple. Running devices as standard user can help lower your attack surface. Let's talk about the threats we face today, the keys to implementing "just enough" access for your users with Microso...
Char_Cheesman
Updated Dec 27, 2024
Technical Takeoff
Paul_Woodward's avatar
Paul_Woodward
Iron Contributor
Nov 28, 2023
Also having run as administrator and run with elevated access in the context menu is confusing. Any plans to change that?
  • Matt_Call's avatar
    Matt_Call
    Icon for Microsoft rankMicrosoft
    Nov 28, 2023
    Hey Paul! Thanks for the feedback. We understand the two different menus are confusing. We are formulating a plan to hopefully remove some of that confusion. More to come in the future.
    • BryanDam's avatar
      BryanDam
      Brass Contributor
      Nov 28, 2023
      matt, a follow up on this. Must the end-user select 'Run with Elevated Access' in order to make use of the EPM policy? That is, let's say there's a policy to let this user run this app. What happens if they just double click the app to run it?
      • FishingNotPhishing's avatar
        FishingNotPhishing
        Icon for Microsoft rankMicrosoft
        Nov 28, 2023

        BryanDam it depends.  If the policy is for zero touch (automatic) elevation, then double-clicking the file will allow it to elevate through EPM.

         

        However, if the policy is for user confirmed elevation, then double-clicking the file will just run it non-elevated.  The user needs to use "Run with elevated access" for elevating using a policy rule which specifies user confirmed elevation.

Date and Time
Nov 28, 20237:00 AM - 7:30 AM PST