Skip to main content

I am trying to modify User Account Control (UAC) settings on my test device where BeyondTrust Privilege management (BTPM) components (client, adapter, and package manager) are installed and running as expected. I am trying to set UAC as ‘Never notify’ but I am getting an error which says, ‘You must be logged on as an administrator on this computer to select this setting’. I am attaching the screenshot as well.

This is required to be modified by few users in our environment for application installations, running scripts etc. Can anyone let me know if this modification of UAC settings can somehow be accommodated in BTPM Policy?

Hi.

First you should run over the requirements for UAC settings for PM, you will notice a it has a requirement for UAC to be enabled.

If UAC is turned off, the PM Client is not allowed to show a UAC replacement.

https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0017076

Then UAC settings should be controlled from a GPO/intune policy, and not allow a standard user to be touched or tampered with.
PM Policy should also be configured not to allow anyone to touch these settings, typically found under Restricted functions.

Reply


Badge Earners

  • BCIE: Password Safe
    Lakshmi Parvathihas earned the badge BCIE: Password Safe
  • BCIE: Privileged Remote Access
    1000Wasserhas earned the badge BCIE: Privileged Remote Access
  • BCA: Endpoint Privilege Management - Mac
    vimal88has earned the badge BCA: Endpoint Privilege Management - Mac
  • BCSE: Privileged Remote Access
    Kevin MUhas earned the badge BCSE: Privileged Remote Access
  • BCA: AD Bridge
    ErenYenerhas earned the badge BCA: AD Bridge
Show all badges
Terms & ConditionsCookie settings