Making uses a proper administrator?

[cyberspace]

How can I avoid this nonsense of having to right click and run as administrator?

also just wondering how to make my own account (which is administrator) be able to modify system files etc without having to add myself in on the security tab? It's rather irritating!

Can I not just log on as Administrator?

'When all else fails.......read the manual'

 

[ArizonaGeek]

Administrator by default is disabled, by default the only way to log in is to log in via Safe Mode. But you could go in and re-enable Administrator.

Microsoft really set this up as a security measure similar to Unix or Linux. While there have been "Admin" users in previous versions of Windows this is the first one that more or less disables the actual Admin user. It keeps the script kiddies from having admin access on your PC if it should ever be compromised.

There are lots of ways around it but really, since it is a measure that by-passes security it probably won't be discussed here.

Cheers
Rob

The answer is always "PEBKAC!

 

[cyberspace]

Well so long as I know you can enable it, then that's fine.

The thing is, all you have to do to run it is to right click, and then select to Run as Administrator...which happens no questions asked...so I don't see the security there.

Inconvenience...yes, security...not so sure?

I wasn't aware of this the other day at a friends house where i was doing some spyware scans. Went away to watch a bit of TV..came back and the scans had finished...then when i clicked to fix in Spybot...it said I didn't have permission!

So I was trying to clean the machine and it said no

I've also had problems with restoring stuff, whereby an "admin" user didn't have permission to write to Documents and Settings and some system folders and totally screwed the restore operation.

Personally I think it's rubbish, but thats entirely subjective.

I appreciate not wanting to discuss the actual details of circumventing these "features", fortunatley I should be able to find out for myself.

rant over

'When all else fails.......read the manual'

 

[ArizonaGeek]

Well it is a security feature, basically if someone downloads something they shouldn't, or leaves their PC unsecured and someone remotely gets access to it and a proggie tries to run itself it alerts the user. Problem is most Windows users just click Allow without reading it anyway. So in that respect it's pointless. The service pack 1 that is due very shortly here is supposed to get rid of a lot of the pop-ups and questions. So it might be something you can wait on.

I am a Unix/Linux guy so to me this is something that has always been there. Just new to everyone else.

Cheers
Rob

The answer is always "PEBKAC!

 

[linney]

You mention "Documents and Settings and some System Folders", which may not easily be accessible in Vista by design.

See if this quoted note from a Microsoft Vista Beta Team Member throws any light on the matter?

"The junctions are there to only provide appcompat for legacy apps and aren’t meant for a user to traverse through. The junctions have been explicitly set to block read through them by setting Everyone Deny Read. The main reason here is because these are just links to the actual location, so you dont want backup tools and other tools operating on your data twice, once from the original path and once via the junctions. There are scenarios where some of these junctions actually form a loop to support the appcompat for the old namespace in comparison to the new and in those cases allowing read through them is disastrous, for e.g. setup was broken for a week when the file system wasnt honorign the deny read.

Also as far as a user goes, you will never see these as they are system hidden, and you will need to take explicit action to see them by default".



See what you have available in Group Policy too.

Run gpEdit.msc

Go to: Computer Configuration | Windows Settings | Security Settings | Local Policies | Security Options

User Account Control: Run all users including Administrators as standard users - Disable