uac One of the features Vista’s UAC lacks is a way to temporary disable it without reboot. Under Linux you can just run the su command if you to have to accomplish several tasks that need root privileges. Vista and Windows Server 2008 don’t have such a feature. The only way to get rid of the UAC prompts temporarily is to logon with a domain administrator account. But sometimes this is very inconvenient. This is where a nice workaround, which I found in the Windows IT pro magazine (April 2008, p. 10) can be quite useful.

Latest posts by Michael Pietroforte (see all)

The trick is to elevate the desktop shell (explorer.exe), temporarily. Any tool that is launched from an elevated application will run with administrator rights. And best of all, UAC will not display its disturbing prompts from then on. The downside of this solution is that you have to kill the explorer process, first. You can just imagine the problems, it might cause. So I would recommend using this workaround with caution.

Here is how it goes. Create a batch file with the extension cmd with these two lines

Taskkill /F /IM explorer.exe
start C:\Windows\explorer.exe

/F means that the task is killed forcefully, and /IM stands for the image name, i.e. the file name of the process. Be careful with the second line. I had a typo in it which left me with an empty desktop. In such a case you can launch explorer.exe with the Task Manager (CTRL+ALT-DEL -> File -> New Task (Run…)).

You have to run this batch file with admin privileges (right click on it and navigate to “Run as administrator”). The UAC prompt will just be displayed once. After that you won’t see it again in this session. Note that not only those applications where its icon contains a UAC shield will be launched automatically with admin privileges, but also those programs which should never be elevated (Internet Explorer for example).

Well, this is like in the good old XP times. You will again be the absolute master of your machine. What I find interesting is how easy it is to trick UAC. If malware manages it somehow to entice you to click just once on a UAC prompt, it will be the master of your computer from then on.

Unfortunately there is no easy way to switch back to standard user rights like under Linux. After you finished your administrative tasks you have to logoff and logon again. Please, let me know if you know of any other way.

Subscribe to 4sysops newsletter!

Another option to turn off UAC is the TweaUAC. I could have sworn that before SP1, rebooting Vista wasn’t required. But when I tried it today, this didn’t work anymore.

0
14 Comments
  1. Lukas Beeler 13 years ago

    I didn't try it, but wouldn't killing explorer.exe again and relaunching it from the task manager work?

    0

  2. SLam 13 years ago

    That should also work.

    0

  3. Leonardo 13 years ago

    Perhaps make use of Runas?
    I've UAC partially disabled, so I'm not annoyed by prompts yet still run IE in protected mode (that's all I really care about)

    0

  4. Lukas, Slam, this was also my first idea, but it didn’t work. I must admit I don’t know why.

    Leonardo, I think Runas won’t help here because one has to get rid of the elevated explorer.exe.

    0

  5. Leonardo 13 years ago

    Michael: I meant, using Runas to start up the User-Mode Shell...
    Killing the elevated explorer.exe is no problem...
    Thing is, starting explorer as in the example below yields some mutated partial UAC and the classic "Where's my systray crap?":
    (Usage, run once for elevate, run again for failure)
    =========================
    @echo off
    if exist "%temp%\exbat.tmp" goto undo
    Taskkill /F /IM explorer.exe
    start C:\Windows\explorer.exe
    echo 1 > "%temp%\exbat.tmp"
    goto end
    :undo
    del "%temp%\exbat.tmp"
    Taskkill /F /IM explorer.exe
    runas /trustlevel:0x20000 C:\Windows\explorer.exe
    :end
    =======================
    My ADD and the voices in my head have notified of my loss of interest (been a couple hours, messing with services & registry keys)... I'm secpoling things back to normal .

    0

  6. Marty 13 years ago

    You should do a small amount of research before posting hacks like this. You don't need to crash the desktop shell, just tell explorer to create a separate process when new instances are launched:

    reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v SeparateProcess /t REG_DWORD /d 1 /f

    If that value is set, anytime an elevated administrator session launches explorer.exe, it will create a new process without UAC enabled.

    And how do this tip even compare to su on Linux? Does su replace your desktop shell when you run it? Two different tasks going on here. And if you want su on Windows, Micrsoft has made several versions that are free, or there's the built-in runas.exe (but it won't allow you to pipe in a password from stdin) or there's many 3rd party tools like PsExec.exe or su alternatives, etc. etc.

    For best security, your normal day-to-day user account should not be a member of the local Administrators group, even if you have UAC enabled. You should logon interactively with a standard user account, and then open your favorite command ptompt with a different ser account, one that is a member of the local Administrators group.

    There is lots of good info already been written on this topic, for example:
    http://blogs.msdn.com/aaron_margosis/

    0

  7. Leonardo 13 years ago

    @Marty - Where's the fun in using 3rd party apps when I can screw around for hours, find a partial solution and then abandon the whole project as if I was just killing time?

    You are correct in the implication that this is not the medium for such screwing around, though.

    0

  8. Leonardo,nice idea, but the problem is that you can’t run explorer.exe with runas under Vista. I suppose, there is a registry setting for this, too.

    Marty, thanks a lot for the hint. For the copy-and-pasters: The command works without the quotation marks:

    reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v SeparateProcess /t REG_DWORD /d 1 /f

    Then you run start C:\Windows\explorer.exe without taskkill. Windows Explorer will pop-up then. If you want to switch back to the shell with standard rights, you just have to close this Windows Explorer window.

    As to the su command. I think one can compare runas to sudo, but not to su. I compared this tip with su because it is very similar from the user’s point of view. After you launched explorer.exe this way, you get a new Windows shell (not just a command prompt) with no restrictions. I know of no other solution that is able to do this. Do you?

    0

  9. Mark Wilson 13 years ago

    I (stupidly) ran the reg key in comment 10 without checking to see what the original value was... what do I need to do to return my system to the original state please? Is it safe to delete this value?

    0

  10. Mark, you can enable/disable this feature via the folder option of Windows Explorer: “Launch folder Windows in a separate process.”

    0

  11. Rohn 12 years ago

    Tried it, but it doesn't work. Used tip 12 (documented in another post) to set the reg key. Shut down my session (logged off). Restarted. Confirmed that the flat is still turned on. Displayed taskmanager, found Explorer running as user. Started another explorer session using "run as administrator". Saw the separate explorer process start as admin, then almost instantly the separate admin rights process disappeared, but the explorer window kept running. Starting app from this supposedly "elevated" explorer session did not work as expected.

    Any suggestions would be appreciated.

    Vista Business, 32bit, SP1, patched up to date.

    0

  12. Rob 10 years ago

    Reduction from elevated explorer is very easy. Simply put, dont close the original command shell. This shell window stays active as the user who launched it, so basically...

    You run the command shell, launch a NEW command shell as admin & use that one to kill & launch explorer.

    When done with explorer, kill it from the elevated shell, close the elevated shell and from the non-admin shell reopen explorer.

    Now you are back to how the user was before you touched it.

    0

Leave a reply

Please enclose code in pre tags

Your email address will not be published. Required fields are marked *

*

© 4sysops 2006 - 2021

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account