,Japan
UAC is a technology that is the basis of security implemented in Windows OS after Windows Vista.
This made it impossible for malicious applications such as malware to easily modify the Windows system.
Windows does the following:
[Default behavior]
- Even if you log in to Windows with a user account that has administrator privileges, the application operates in user mode (standard user privilege)
- Display UAC dialog and notify the user when the application requests administrator rights (User Account Control)
- App can only run with admin privileges when yes is selected
[Example of UAC dialog]
UAC
"Allow apps from this unknown publisher to make changes to the device?"Well, the main subject.
The [runas.exe (runas command)] implemented in Windows has an option to skip the UAC dialog, so we will share how to use it.The UAC dialog will be displayed and the process will be interrupted if some of the programs registered in the startup program require administrator privileges. However, if you use runas, you can skip the step of clicking Yes .
As a bonus
The command prompt is a bit ...? Introducing software that can create runas command shortcuts for various people.
Harm of UAC
For example,The programs (shortcuts) registered in the startup folder are automatically executed when the Windows OS finishes loading, but when it is the order of programs that require administrator privileges, UAC reacts and processing is interrupted.
The user cannot proceed until they select "Yes | No."
[Windows startup process]
- PC power ON
- Windows system files are loaded
- Programs registered in the registry, task scheduler, and startup folder are loaded (startup processing)
- UAC reacts when there is a program requesting administrator rights and processing is interrupted
- Select [Yes | No] ← Bottleneck
- Start-up processing end
- Windows startup process end
Even if the program is confirmed to be safe, it is annoying because you cannot proceed until you select "Yes".
Startup folder
* Windows 10 exampleThe shortcut of the program to start automatically is arranged.
Startup Folder
xxx: Login account Name
C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Valid for all users
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
How to skip UAC
[PLAN-A, B, C]- Create a shortcut for the runas command
- Use ElevatedShortcut (Winaero Tweaker)
- Change the User Account Control setting to "Not notify"
This article describes the procedure for PLAN-A.
I will not describe PLAN-B because I wrote it in another article.
We don't recommend PLAN-C because it makes security less secure, but I posted the setting screen in the postscript.
runas check
Check whether runas.exe is executable.The command prompt can be started normally.
The command to execute.
> runas /?
When "RUNAS usage:" is displayed, you can use the runas command. Please also refer to the help that is displayed.
c:\_
| Administrator: Command prompt | ー □ × |
C:\Windows\System32 >runas /? RUNAS Usage: RUNAS [[/noprofile | /profile] [/env] [/savecred | /netonly]] /user: < username >program RUNAS [[/noprofile | /profile] [/env] [/savecred]] /smartcard [/user: < username >] program |
Can't get help?
If help is not displayed, runas.exe cannot be used.Make sure runas.exe exists in the following location.
Location of runas.exe
C:\Windows\System32\runas.exe
C:\Windows\System32\runas.exe
If help is not displayed even if you start the command prompt with administrator privileges, runas.exe cannot be used on your PC.
It's a pity ... (꒪⌓꒪)
Run from command prompt
If it works at the command prompt, it is recommended to save the set of commands you entered as a shortcut.The [/savecred] option will only show the dialog the first time. It is not displayed after the second time.
The format is as follows.
> Runas /savecred /user: administrator "<program path>"
Specify the full path for "<program path>"
The following is an example of starting the software "TClock" that can modify the clock in the notification area with administrator privileges.
c:\_
| Administrator: Command prompt | ー □ × |
C:\>runas /savecred /user: administrator "c:\tclock\tclock.exe" |
Create a shortcut
If you have followed the steps in the previous section, this step will just copy and paste.
1. Start the new creation wizard
Explorer > Home > New Items > Shortcuts
2. Enter the location
* Do not use the reference button[procedure]
- Enter the runas ... command under "Enter item location"
- Select next
runas /savecred /user: administrator <Program path>
3. Give a name
[procedure]- Enter any string under "Enter a name for this shortcut"
- Finish by clicking the
Input example: runas TClock
Are you required for a password?
If you are prompted for the administrator password when you execute the shortcut, enter the administrator password.From the second time onward, the [/savecred] option will work and you will not be prompted for a password.
runas parameter
Source: Runas -Microsoftparameter | Explanation |
/profile | Load the user's profile. This is the default value. This parameter cannot be used with the /netonly parameter. |
/no profile | Specifies not to load the user profile. This allows the application to load more quickly, but causes some applications to malfunction. |
/env | Specifies to use the current network environment instead of the user's local environment. |
/netonly | Indicates that the specified user information is remote access only. This parameter cannot be used with the /profile parameter. |
/savecred | Indicates whether this user has previously saved their credentials. In Windows Vista Home or Windows Vista Starter editions, this parameter is not available and will be ignored. This parameter cannot be used with the /smartcard parameter. |
/smartcard | Indicates whether the credentials are provided by the smart card. This parameter cannot be used with the /savecred parameter. |
/showtrustlevels | Displays the trust level that can be used as an argument to /trustlevel. |
/trustlevel | Specifies the level of authorization to run the application. Use /showtrustlevels to see the available trust levels. |
/user:/user:<UserAccountName> "<ProgramName> <PathToProgramFile>" | Specifies the name of the user account under which to run the program, the program name, and the path to the program file. The user account name format should be <User>@<Domain> or <Domain>\<UserAccountName>. |
/? | Display help at the command prompt. |
Summary
If you want to skip the UAC dialog at startup, register a runas shortcut.
runas /savecred /user: administrator
"Administrator" is a special Windows account.
If it is disabled, you will need to activate it.
Please read the related article for specific steps.
About Elevated Shortcut
ElevatedShortcut is software that allows you to create runas shortcuts with a GUI.Elevated Shortcut has been integrated into the Windows tuning software "Winaero", so it has been released as a single unit, but it can be obtained from the Internet Archive.
See related article for ElevatedShortcut information.
Reference: Turn off UAC
If User Account Control is set to "Not notify", the UAC dialog can be skipped, but it is not recommended for security reasons.[snap shot]
External link
Validation: Windows 10 Pro November 2019 Update, v1909.18363.836
:SC2
このサイトを検索 | Search this site
0 コメント