Dec 01 2023 07:14 AM
Hi,
I am just evaluating EPM and I just wanted to clarify the functionality. I've deployed my settings policy and created a rule to allow a specific app to run with evaluated privileges. The policy was deployed successfully to the PC. When I clicked on the test application (that requires elevated privilege permission) I got the UAC prompt, which is what I was expecting. Next I right click the app and this time select "Run with elevated access". For info the policy sets the application evaluation type to "Automatic" so the app loads with out the user having to enter a justification. I then close the app and this time just double click it to open it and it opens no UAC prompt or with the need to me to click "Run with elevated access" . I can see with Procmon that the application is running under the EPM account so I believe it is working OK.
My question is once a application has been run once with the "Run with elevated access" command is it then approved to run all the time with out the need to select the "Run with elevated access" command? It not a massive issue as the app is authorised but it would be good to understand if this behaviour is correct.
Thanks
Dec 01 2023 11:43 PM
Dec 02 2023 12:29 AM
Dec 04 2023 02:08 AM
Dec 04 2023 03:07 AM
Dec 04 2023 03:22 AM
@Rudy_Ooms_MVP I am using Rufus for testing, it's an app that requires elevated permissions to run. The policy is as follows:
Dec 04 2023 04:15 AM
Dec 06 2023 08:53 AM