Disable the UAC in Windows Server 2012
If you get annoyed by the UAC dialog box, then this page explains how to disable these nagging messages on Windows Server 2012.
As with so many settings on a Windows computer you can control what happens via Group Policies. Since we are talking about Server 2012, our first decision is whether to call for the Group Policy Management Console (GPMC), or the Local Group Policy Editor, the choice depends on whether the server is part of domain.
To turn off the 'Continue ..' dialog box select this setting: User
Account Control: Behaviour of the elevation prompt,
Elevate without prompting: Allows privileged accounts to perform an operation that requires elevation without requiring consent or credentials. Note: Use this option only in the most constrained environments.
Observe in the screenshot above how all the other settings controlling the behavior of the elevation prompt for administrators in Admin Approval Mode, require credentials or prompt for consent. See more about configuring User Account Control: Behaviour of the elevation prompt
SolarWinds have produced three Active Directory add-ons. These free utilities have been approved by Microsoft, and will help to manage your domain by:
More UAC Policies for Windows Server 2012
This screenshot illustrates how you could disable the UAC in Windows Server 2012.
Other UAC security options worth investigating include:
SolarWinds' Network Performance Monitor will help you discover what's happening on your network. This utility will also guide you through troubleshooting; the dashboard will indicate whether the root cause is a broken link, faulty equipment or resource overload.
Perhaps the NPM's best feature is the way it suggests solutions to network problems. Its second best feature is the ability to monitor the health of individual VMware virtual machines. If you are interested in troubleshooting, and creating network maps, then I recommend that you give this Network Performance Monitor a try.
An Example of User Account Control (UAC) in Windows Server 2012
Let us consider this situation, you needed to install a driver, Windows Server 2012 presents you with a dialog box. After reading the UAC menu, you click: 'Continue' and thus receive elevated rights for the duration of the task. The key concept is you don't have to logoff and logon as an administrator. Instead Windows Server 2012 just switches tokens, performs the named task, and then returns you to normal user status.
As an example of UAC in action, let us assume that you wish to check the new System Restore settings. You launch the System Icon, (Windows Key and Pause / Break) then you click on 'System Protection' and up pops a Windows Security box - even if you are the Administrator. To gain the elevated rights needed to complete your mission, just click the 'Continue' button. See screen shot below.
A good habit to cultivate is always to check that the program specified in the central band, is the program you intended; in this case, 'Change Computer Settings'. Beware that if you are connected to the internet, then sites may have rogue programs that mimic this menu and trick you into installing Spyware.
The first point to realize is that by default even the administrator needs elevated privileges to make certain changes to the operating system. The good news is that you can avoid this nagging dialog box provided you are willing to take the risk that a rogue program, or more likely, an unintentional action could cripple your Windows server.
As a security measure the operating system temporarily blocks any executable that seeks to make a change that requires an administrator's approval. Each time this happens you can either click the 'Continue' button in the dialog box, or else modify the policy to disable the Windows Server 2012 UAC.
The benefit of using the Windows Server 2012s User Account Control (UAC) is that it enables you to run applications such as Excel, but in the context of an ordinary user. Then when you need to perform Administrative tasks such as installing a driver, UAC prompts you the necessary rights, all you need to do is click on 'Continue' and you have the permission to complete that one task.
Evolution of Windows Server 2012 User Account Control
Microsoft has not changed the UAC much from Server 2008 to Server 2012. There seems less debate on the merits of UAC this time around. Administrators seem polarized between those who turn it off, and those who accept the dialog box. Microsoft has helped by allowing more tasks to complete without the need for elevated privileges, thus less intrusion of the dialog box, and as a result less complaints from administrators. For example: we can adjust the mouse or amend the Power Settings without the UAC appearing.
In Beta versions of Windows Server 2008, UAC was called UAP (User Account Protection). More than just a change of acronym, this indicated that UAC is part of a larger security area, which Microsoft are rapidly evolving.
User Account Control is a development of least-privilege user access, or LUA. My view is that User Account Control has grown out of the 'Run as..' feature of Windows Server 2003 or the 'Switch User' feature of XP.
There are programs such as Regedit where you need to right-click and 'Run as administrator'. PowerShell or cmd would be other programs where certain tasks result in an error message such as:
'The requested operation requires elevation'.
The answer to avoiding this message is to think ahead and 'Run as administrator. Even better, find the 'Advanced Box', and tick the box so that you always receive elevated administrative privileges.
Summary of Disable UAC in Windows Server 2012
The problem is the User Account Control dialog box interrupts the flow of configuring a setting. The solution of editing the group policy is a little more tricky on Server 2012 in a domain, than Windows 8 client in a workgroup.
If you like this page then please share it with your friends
Microsoft Windows Server 2012 Topics