Win11 Enterprise Subscription Step Up from Pro Requiring Admin Rights?

Iron Contributor

On Entra Joined devices, we are still getting toast notifications even though the Windows Store for Business, AppID 45a330b1-b1ec-4cc1-9161-9f03992aa49f is already excluded from CA policies.

 

My Intune support ticket engineer said that this is a known issue and the behavior is expected until a fix is in place. They have yet to address the original question from my ticket below.

 

When a user receives this toast and goes into the activation settings page to sign in, modern auth page comes up and user successfully signs in, but then it triggers an admin UAC prompt.

 

 

"C:\WINDOWS\system32\SystemSettingsAdminFlows.exe" LaunchClipRenew

 

 

That's the command that is being called when the UAC comes up. I have standard users so they can't just enter credentials; it won't work. We do utilize BeyondTrust Privilege Management, so I could add this to the policy to add an admin token to this command, but I don't want to put a band aid over something that shouldn't even be happening. 

 

Anyone else experiencing something similar?

0 Replies