cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Feature request fix Remote Assist bypass UAC prompt

idk1613
Brass Contributor

‎Mar 25 2020 09:13 AM - last edited on ‎Feb 10 2023 04:41 PM by

‎Mar 25 2020 09:13 AM - last edited on ‎Feb 10 2023 04:41 PM by

Feature request fix Remote Assist bypass UAC prompt

I have to say there must be a gap in MS Windows testing processes. I don't understand how they fail to allow an IT help desk agent, Sys Admin or DevOps or anyone suppose to succeed in remote assistance to a client and make admin changes. MSRA use to work until Windows 10 1903. Quick Assist works okay. Can you not make it easier for the client to just click a link and open quick assist and have them type the code in? 

 

Problem:

Help desk staff, System Admins and etc. need the ability to see a users desktop remotely and be able to make changes like installing software, setting changes and etc. If we disable UAC prompts or lower the level why do we need to take that risk. If I want to install something why do I get a black screen. Why do we have to pay $$$ for other software (teamviewer,logmein, etc.) that can do this. This is a feature that should be built in to any OS. Look at Mac OS and other unix systems they have this feature built in for free.  

 

This should be a secure desktop and not inhibit the service of your products please fix this issue ASAP! During an emergency like COVID-19 MS products cannot be relied upon even for the simplest tasks. Its great you add complexity and the latest AI features (woooa) but you cannot even do the simple things painlessly and well. I guess we will go broke spending $$$ to teamviewer, logmein, and etc because they can do the simple things pretty well.

 

I am disappointed when I try to rely on MS products they fail at the simple things. It provides me with job security but from an engineering perspective you all have lost touch how your products are used in the world (design specs/ needs analysis). You all are like a disappointing stranger. I just want you to help hold the door open while I carry the heavy box through the door. By either holding the door open, or prop it open but you just let it go and the door closes in my face before ever accomplishing such a simple task.  

 

https://attack.mitre.org/techniques/T1088/

https://docs.microsoft.com/en-us/windows/security/identity-protection/user-account-control/user-acco...

https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-ac...

 

Labels:
12K Views
0 Likes
5 Replies
Reply
5 Replies
Yann_Duchateau

‎Jun 03 2020 10:48 AM

‎Jun 03 2020 10:48 AM

Re: Feature request fix Remote Assist bypass UAC prompt

@idk1613you are jealous because you do not know how to be permanently an Admin with Permanent privileges on a Windows Remote Desktop Session. Simple : you add a group in the Active Directory with Full Security Priviledges, and you add this Group Locally on the concerned to the Remote Desktop Users, and The Local administrators list. And you remotely connect with a user Member of this group. Or Like Microsoft you implement a Local SuperUser (Administrator) Account when installing the Computer.

0 Likes
Reply
idk1613

‎Jun 03 2020 02:40 PM

‎Jun 03 2020 02:40 PM

Re: Feature request fix Remote Assist bypass UAC prompt

@Yann_Duchateau 

 

I am talking about remote assistance not remote desktop. I think you misunderstand the problem. The issue is why a security group cannot be set (like they allow this on unix machines) to be allowed to remotely assist clients or vendors on a shared screen through the secure desktop prompt in an enterprise environment. Why do I have to take on more risk to be able to effectively resolve issues for clients. Why do I have to pay for a service. Allow this through quick assist or another app that has mfa in front of it. I think it is terrible customer service model to create a product but not offer the resources or access to IT admins to do their job. 

2 Likes
Reply
Reza_Ameri-Archived

‎Jun 04 2020 06:23 AM

‎Jun 04 2020 06:23 AM

Re: Feature request fix Remote Assist bypass UAC prompt

@idk1613 as you mentioned Quick Assist should work , but you will need some improvement, so please open Feedback Hub and share feedback on how to improve it.

Support for Windows 7 and earlier version of Windows already ended and if you use Windows 8 and Windows 10, you will have Quick Assist and in general Remote Assistance is not general.

0 Likes
Reply
Yann_Duchateau

‎Jun 05 2020 06:47 AM

‎Jun 05 2020 06:47 AM

Re: Feature request fix Remote Assist bypass UAC prompt

@idk1613Quick assist has interesting features, but it is too powerful to be put in any hands in my Opinion, Remote Desktop, when safely set-up, is sufficient for me. Beside, 3rd Party Software are so expensive most of the time, that suddenly Microsoft prices on this Matter look legit to me.

0 Likes
Reply
idk1613

‎Jul 20 2023 08:02 AM

‎Jul 20 2023 08:02 AM

Re: Feature request fix Remote Assist bypass UAC prompt

The solution around this is to move to Remote Help with Microsoft Intune. You do not run into any UCA challenges. If you want to use Splashtop, Quick Assist or other Remote Assistance tools you will need to downgrade the security of the UAC security settings which poses the risk of spoofed UAC prompts. The newer version of Quick Assist requires a UAC prompt for future changes. To avoid this risk Remote Help with Microsoft Intune is the best solution for Windows EPs only. Remote Help at this time of this writing is not supported by macOS, iOS, or Android. It would be nice if Microsoft could create a remote assistance tools for all platforms to allow IT teams successful IT remote assistance for service desks but I guess that is too much to ask for a holistic solution. https://learn.microsoft.com/en-us/mem/intune/fundamentals/remote-help
0 Likes
Reply