Vista User Account Control
ConsentPromptBehaviorAdmin
Vista Registry Hack - ConsentPromptBehaviorAdmin
This is the situation: you are logged on at a Vista computer as administrator,
and you wish to make a configuration change. Up pops the UAC (User account Control) and ask, 'If you started this action, continue'. You must click on that 'Continue' button before Vista completes
your configuration.
New in Vista, is a security check whereby you need elevated rights
before you can make any changes. Normal behaviour in Vista is that everyone operates with only minimal
user rights; yet if you really are the Administrator, then you can call for elevated rights.
Frankly, if you are not in a sensitive security environment, then this UAC procedure is a pain. Vista, drove me mad, so I sought a registry hack to remove the need to click 'Continue' in the security box every time I need to make a
configuration change.
Please note that if you don't want to use the registry to change the Vista UAC behavior, Microsoft provide a Local Group Policy to suppress the UAC dialog box. See here for details of how to control:
Behavior of the elevation prompt for administrators.....
If you want
to go ahead and change the behavior of the Windows Security dialog using the registry, this is how you alter ConsentPromptBehavior.
Launch regedit and navigate to: HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System Trap: When you navigate to : HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\
Beware, at first I overlooked the \System sub folder.
The default value is : "ConsentPromptBehaviorAdmin" = dword:00000002. This means: Display
the UAC dialog box
Change to: "ConsentPromptBehaviorAdmin"
= dword:00000000.
Setting the value of "ConsentPromptBehaviorAdmin" to zero bypasses the new UAC interface and the administrative task completes without further user interaction.
In Vista there is no need to even logoff, changes to "ConsentPromptBehaviorAdmin" are applied straight away.
Do you find the ConsentPromptBehaviorAdmin value in HKCU** or HKLM? Answer: HKLM
Should you add a value, or modify an existing setting? Answer: Modify 00000002 --> 00000000
Is ConsentPromptBehaviorAdmin a String Value or a DWORD? Answer: DWORD.
Do you need to Restart, or merely Log Off / On?
Answer: Neither. Changes to ConsentPromptBehaviorAdmin happen straight away.
Tip: Add this Value, ConsentPromptBehaviorAdmin to Regedit's Favorites menu
See more about Local System Policy and UAC behavior
Recommended: Solarwinds' Permissions Analyzer - Free Active Directory Tool
I like the
Permissions Analyzer because it enables me to see WHO has permissions
to do WHAT at a glance. When you launch this tool it analyzes a users effective NTFS
permissions for a specific file or folder, and takes into account network share
access, then displays the results in a nifty desktop dashboard!
Think of all the frustration that this free SolarWinds utility saves when you are
troubleshooting authorization problems for user's access to a resource.
Give this permissions monitor a try - it's free!
If you use the Control Panel or the Local Policy to control the UAC then you get a notification to warn you that the UAC has been turned off. What
this registry hack does is disable that notification box.
Launch regedit and navigate to: HKEY_CLASSES_ROOT\CLSID\{FD6905CE-952F-41F1-9A6F-135D9C6622CC}
You have two choices, either disable or
delete. If you go for the disable, then you could rename the key, for example {FD6905CE Notify}.
UAC (User Account Control) was a hot topic in
Vista Betas. Here is a short history of how this system evolved. Indeed, UAC may still be evolving in the sense that more and more people turn off the 'Continue' dialog box.
Build 5270 Incidentally, note the better graphics, for example the glowing 'Permit' button
Build 5112
Decision to alter the behaviour of User Account Control
Technically, when you want to perform an administrative action in Vista,
the operating system switches tokens and asks you
to confirm the action that is about to take place. The advantage of ConsentPromptBehavior is that it allows you to just click on a button which says 'Continue'.
No more struggling with the pound, ampersand or what ever strange keystrokes your
password requires.
Does ConsentPromptBehavior compromise the whole idea of extra security? Yes and No. Yes, if you leave your machine unlocked and some psycho takes advantage of an unattended
machine. No, because it
still protects you from rogue programs such as maleware that are trying sneaky back door activities on your machine. If you are concerned about
security then do not change either the registry or the local policy settings. If security is not paramount
and you know who you where your real security enemies are, then go ahead,
join me by removing this nagging UAC dialog box.
Guy Recommends: A Free Trial of the Network Performance Monitor
(NPM)
SolarWinds'
Orion performance monitor
will help you discover what's happening on your network. This
utility will also guide you through troubleshooting; the dashboard will
indicate whether the root cause is a broken link, faulty equipment or
resource overload.
What I like best is the way NPM suggests solutions to network
problems. Its
also has the ability to monitor the health of individual VMware
virtual machines. If you are interested in troubleshooting, and creating
network maps, then I recommend that you try NPM now.
Whenever you make a change to
the Vista operating system that could compromise security, then up comes a UAC
dialog box. If you are security conscious then you will applaud this
measure, read the menu and click on 'Continue'. However if you are a
developer or administrator in a secure environment, then you may decide to edit
the registry or change the local policy and thus bypass this nagging menu.
If you like this page then please share it with your friends
Guy Recommends:
SolarWinds' NPM - Network Performance Monitor
SolarWinds' performance monitor is designed for detecting network outages,
making it easy to see what's working, and what needs your attention.
This utility guides you through creating network maps; it also helps
identifying whether the
root cause is faulty equipment, or resource overload. Give NPM a try.
