Hello. I’m working on a way to elevate wt.exe. If I right-click on the windows flag and select Terminal (Admin) or if I right-click on it from within the start menu, I am presented with a BT authentication message (as designed). I enter my admin creds and it takes me to the Windows UAC. It is hitting the application group “(Recommended) Add Basic Admin - Restricted LOLBAS”
How can I pass the token through?
Best answer by Paul
Hi
However, from what you are describing there are potentially a few areas to explore.
You are using a prompt for a designated user to authorize the user’s action - this message type can be configured to run the application as the authorizing user which if the user account is not a local administrator could cause a native UAC prompt to appear.
Another possibility is that the application rule is not configured to elevate the process, but instead to run it passively - when EPM has applied the assigned rule behavior (e.g., running the application with a Passive token), if the application still requires elevation and it hasn’t been provided by EPM, then UAC will then be triggered.
The other consideration is that Windows Terminal is a modern Windows application type (Universal Windows Platform/UWP), specifically a Centennial application - these are broadly handled by EPM as ‘Windows Store Applications’.
EPM also has specific support for Centennial applications, handling them via Application Rules, even when they are launched via the ‘Run as administrator’ context menu (or custom menu item), which means rule order processing needs to be considered to ensure you are handling the application correctly.
The wt.exe you reference is actual an alias for the Terminal application, rather than being a traditional executable - so if you are hitting configuration which is trapping it, settings like child process inheritance are relevant depending upon what is being matched.
Apologies for the rather vague answer, but hopefully I’ve given you some areas to explore.
This is from the application perspective that is hitting this behavior even when you enforced BeyondTrust ruleset or policy for the Admin elevation of Wt.exe , it will do keep hitting Windows UAC prompt when trying to access it as admin ( by right click + run as admin).
Same case is seen in Task manager as well as some users who upgraded from win 10 to win 11 , when they opened task manager normally it goes to admin elevation required.
When tried to suppress that admin elevation UAC prompt at one time Beyondtrust elevation popup came but after elevating it again shows the Windows UAC prompt.
Hi
However, from what you are describing there are potentially a few areas to explore.
You are using a prompt for a designated user to authorize the user’s action - this message type can be configured to run the application as the authorizing user which if the user account is not a local administrator could cause a native UAC prompt to appear.
Another possibility is that the application rule is not configured to elevate the process, but instead to run it passively - when EPM has applied the assigned rule behavior (e.g., running the application with a Passive token), if the application still requires elevation and it hasn’t been provided by EPM, then UAC will then be triggered.
The other consideration is that Windows Terminal is a modern Windows application type (Universal Windows Platform/UWP), specifically a Centennial application - these are broadly handled by EPM as ‘Windows Store Applications’.
EPM also has specific support for Centennial applications, handling them via Application Rules, even when they are launched via the ‘Run as administrator’ context menu (or custom menu item), which means rule order processing needs to be considered to ensure you are handling the application correctly.
The wt.exe you reference is actual an alias for the Terminal application, rather than being a traditional executable - so if you are hitting configuration which is trapping it, settings like child process inheritance are relevant depending upon what is being matched.
Apologies for the rather vague answer, but hopefully I’ve given you some areas to explore.
Hi
Would be interested to know if you found a solution to your problem!
I’m also facing issues with the wt.exe/windowsterminal.exe application first hitting a rule and then prompting native Windows UAC.
I’m reviewing my existing rules if they are affecting them atm. With troubleshooting I even find different behavior between the 2 executables. BT doesn’t like Windows apps!
I will probably log a case tomorrow or Friday.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
