+ Post New Thread
Page 3 of 4 FirstFirst 1234 LastLast
Results 31 to 45 of 48
Windows Server 2008 R2 Thread, How many of you disable UAC? in Technical; Well, I disabled it a while ago due to an issue but am working back toward having it enabled again. ...
  1. #31

    sparkeh's Avatar
    Join Date
    May 2007
    Posts
    6,752
    Thank Post
    1,278
    Thanked 1,651 Times in 1,106 Posts
    Blog Entries
    22
    Rep Power
    506
    Well, I disabled it a while ago due to an issue but am working back toward having it enabled again.
    Problem here is that staff are historically used to a lot of freedom and there is little will from above to change that. But things are slowly being locked down and UAC will make a comeback when everything is fully tested.

  2. #32

    Join Date
    Dec 2008
    Location
    Nottingham
    Posts
    574
    Thank Post
    38
    Thanked 115 Times in 105 Posts
    Rep Power
    46
    We have it enabled here - if people complain, I explain to them that having a limited user account reduces the risk of virus infection - for most situations limited user account + UAC means that any fun downloaded files they run can only run with their privileges, reducing the attack surface area (and limiting damage).

  3. #33

    Join Date
    Jul 2010
    Location
    UK
    Posts
    20
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Dissabled here. Group Policy stops people doing what they shouldnt be doing.

  4. #34
    mrbios's Avatar
    Join Date
    Jun 2007
    Location
    Stroud, Gloucestershire
    Posts
    2,480
    Thank Post
    351
    Thanked 261 Times in 213 Posts
    Rep Power
    99
    Quote Originally Posted by DannyBroadhurst View Post
    Dissabled here. Group Policy stops people doing what they shouldnt be doing.
    UAC and group policy can't be considered the same thing. That's like saying "i don't need AV, i've got group policy" (no im not comparing UAC to AV either, it's just an example)

  5. #35

    Join Date
    Jul 2010
    Location
    UK
    Posts
    20
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    No i know that but UAC in most cases will stop people accessing programs it deems as unsuitable for the user.
    I just set up policies withing GP to dissalow Certain exe's within a OU.

  6. #36
    chazzy2501's Avatar
    Join Date
    Jan 2008
    Location
    South West
    Posts
    1,782
    Thank Post
    213
    Thanked 263 Times in 213 Posts
    Rep Power
    67
    Quote Originally Posted by sparkeh View Post
    Problem here is that staff are historically used to a lot of freedom and there is little will from above to change that.
    Our XP machines gave the teacher admin rights over their own laptop! We used to have utorrent etc. all over the place!? When I introduced Windows 7 it was THE opportunity to make them normal users.

    I put my case to the SMT before hand.

  7. #37

    sparkeh's Avatar
    Join Date
    May 2007
    Posts
    6,752
    Thank Post
    1,278
    Thanked 1,651 Times in 1,106 Posts
    Blog Entries
    22
    Rep Power
    506
    Quote Originally Posted by chazzy2501 View Post
    Our XP machines gave the teacher admin rights over their own laptop! We used to have utorrent etc. all over the place!? When I introduced Windows 7 it was THE opportunity to make them normal users.

    I put my case to the SMT before hand.
    Oh I totally agree, but I guess you managed to get SMT backing right?
    Things are changing though.

  8. #38

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,955
    Thank Post
    886
    Thanked 1,700 Times in 1,477 Posts
    Blog Entries
    12
    Rep Power
    448
    Quote Originally Posted by DannyBroadhurst View Post
    No i know that but UAC in most cases will stop people accessing programs it deems as unsuitable for the user.
    I just set up policies withing GP to dissalow Certain exe's within a OU.
    That can be easily by-passed with a little know how.

  9. #39

    Join Date
    Jul 2012
    Posts
    58
    Thank Post
    2
    Thanked 2 Times in 2 Posts
    Rep Power
    5
    Enabled site wide - Old badly maintained software is not my problem, the security of the network however is, besides the only time i EVER see UAC is if I'm at a computer trying to elevate to install/Fix something.

    besides all of our mis is web based now along with pretty much everything we use, the pcs here are pretty much web browsers and ms office use only now.

  10. #40

    Join Date
    Jul 2006
    Location
    London
    Posts
    2,962
    Thank Post
    159
    Thanked 152 Times in 116 Posts
    Rep Power
    49
    Enabled here and never even considered turning it off - mainly because I've never found any reason to do so. Amazed there is still software that can't deal with it. I like it because if someone needs something installed like a one off plugin or update I can just go their desk and pop an admin password in without having to log them off.

  11. #41

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,172
    Thank Post
    868
    Thanked 2,699 Times in 2,288 Posts
    Blog Entries
    11
    Rep Power
    772
    Enabled everywhere, again can't believe people still shut it off on 2013.

  12. #42

    Join Date
    Jul 2010
    Posts
    106
    Thank Post
    0
    Thanked 14 Times in 14 Posts
    Rep Power
    11
    I am amazed people disable UAC, we haven't found a single application that causes an issue when we upgraded to windows 7 x64 and we have software from as far back as 1998.

    If you do find an application that does causes an issue you can usually work round it with Microsoft Application Compatibility Toolkit.

  13. #43

    Join Date
    Jun 2008
    Posts
    718
    Thank Post
    118
    Thanked 64 Times in 52 Posts
    Rep Power
    31
    This is what I have to disable UAC (something that was simply ported over from the XP days).

    What settings do you guys use for UAC?

    User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Elevate without prompting
    User Account Control: Behavior of the elevation prompt for standard users Automatically deny elevation requests
    User Account Control: Detect application installations and prompt for elevation Disabled
    User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
    User Account Control: Run all administrators in Admin Approval Mode Disabled

  14. #44

    X-13's Avatar
    Join Date
    Jan 2011
    Location
    /dev/null
    Posts
    9,094
    Thank Post
    592
    Thanked 1,953 Times in 1,351 Posts
    Blog Entries
    19
    Rep Power
    814
    Quote Originally Posted by SYNACK View Post
    Enabled everywhere, again can't believe people still shut it off on 2013.
    Tis the RM way... their stuff doesn't work properly with it on.

  15. #45
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,456
    Thank Post
    10
    Thanked 494 Times in 434 Posts
    Rep Power
    112
    I use these for UAC enabled, with the minimum of annoying messages for end users and admins.

    User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode: Elevate without prompting
    User Account Control: Behavior of the elevation prompt for standard users: Automatically deny elevation requests
    User Account Control: Virtualize file and registry write failures to per-user locations: Disabled

SHARE:
+ Post New Thread
Page 3 of 4 FirstFirst 1234 LastLast

Similar Threads

  1. How many of you are MCTS....????
    By Liss in forum Courses and Training
    Replies: 24
    Last Post: 26th May 2012, 07:25 AM
  2. How many of you support others? e.g expanded IT support services
    By GarnierSkinNaturals in forum General Chat
    Replies: 9
    Last Post: 26th July 2011, 09:31 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •