(i) by modifying the registry.
Open Registry Editor regedit. In the registry, find the following
HKEY_LOCAL_MACHINE \SOFTWARE \microsoft \ \currentversion \policies \system
Change the value of the registry key named Enablelua to 0 to close Registry Editor and reboot the system to apply the changes. If you need to reopen the UAC feature, simply change the value to "1".
(b) Modified by Group Policy.
In the local security policy, you can also customize the behavior that is controlled by the user account.
You can open the Local Security policy window by entering "Secpol.msc" in the search box in the Start menu and pressing ENTER. In the console tree on the left, expand local policy-the Security Options branch, and in the details pane on the right, there are 10 user Account Control options. The specific meanings of the 10 policy options are described below.
1. Standard user's elevation prompt behavior If you are logged on to the Ghost Win7 system as a standard user, the user Account Control behavior is shown in the following figure when running tasks that require administrator privileges.
Automatic rejection of elevation requests: no prompts, no elevation of privileges.
Prompt credentials: Elevated permissions, prompting the user to enter credential information for an administrator.
2. Elevation prompting behavior for administrators in Admin Approval Mode when you log on to the system with an administrator account (except for the built-in administrator), the user account controls the following behavior if you want to run a management task.
Do not prompt, direct promotion: No hint, directly elevated permissions.
Consent hint: Elevated permissions, prompting the user to click the "Continue" button or the "Allow" button to confirm elevated administrative rights.
Prompt credentials: Elevated permissions, prompting the user to enter an administrator's account password.
3. Detects application installation and prompts for elevation when a user installs an application, the user account controls the following behavior.
Enabled: User Account Control automatically detects the installer, can automatically elevate permissions, prompts the user to click the "Continue" button or the "Allow" button, or enter an administrator account password.
Disabled: No prompts, no elevation of privileges. The installer may fail because of a lack of permissions.
4. Virtualization of File and registry write errors to per-user locations
This is a compatibility setting for user Account Control, allowing some legacy applications to function properly on Ghsot win7.
When Discovery is an older version of the application, user Account Control behavior is as follows.
Enabled: Applies compatibility settings.
Disabled: Legacy applications may fail without applying compatibility settings.
5. Promote only uiaccess applications that are installed in a secure location
This policy entry is used to securely set up applications running on a secure desktop, and applications that need to run a privileged system-level zone such as%programfiles% can be promoted and require windows to have their own components.
This column more highlights: http://www.bianceng.cnhttp://www.bianceng.cn/Servers/zs/
It is generally not necessary to set the policy item, and the default setting is recommended. Disabling this setting can greatly reduce system security.
6. Switch to secure desktop when prompted for elevation
When the User Account Control dialog box pops up, it switches to the secure desktop, which can improve the security of the system and avoid being attacked by malicious programs.
Enabled: Enable secure desktop switching.
Disabled: Disabling secure desktop switching.
7. Run all administrators in Admin Approval Mode
This determines whether the user Account Control option is enabled.
Enabled: Enable the User Account Control feature.
Disabled: Disabling the user Account Control feature. This will greatly reduce system security.
8. Administrator Approval mode for the built-in Administrator account
By default, the user Account Control feature is not enabled for the built-in administrator.
Enabled: Enables user Account Control for the built-in administrator.
Disabled: The user Account Control feature is not enabled for the built-in administrator.
9. Allows uiaccess applications to elevate permissions without using a secure desktop.
This policy is used to set whether the control user interface accessibility (uiaccess or UIA) program can automatically disable the secure desktop that the standard uses for elevation prompts.
Enabled: UIA programs (including Windows Remote Assistance) automatically disable the secure desktop for elevation prompts. If you do not disable the "User Account Control: Switch to secure desktop when prompted for promotion" policy setting, you will be prompted on the interactive user desktop instead of the secure desktop.
Disabled: Default setting, the secure desktop can only be disabled by users of the interactive desktop or disabled by disabling the "User Account Control: Switch to secure desktop when prompted for promotion" policy setting.
10. Promote only the signed and validated executable file
The system determines whether an application has an identifiable source and can verify that the publisher's identity is legitimate.
Enabled: If the application does not have a recognized source, the prompt is not popped, and permission elevation is directly denied.
Disabled: Disables this option, which is the default option for the system.