4

Run into a little bit of a snag with Windows 10, and it's a fairly well known one - the problem is that I'm struggling to find a Windows 10 compatible fix that actually works!

It's the old "regular users have to input their password to load task manager" chestnut again. How, exactly, do I work around this? Seeing as that inputting any valid credentials in gives you access to the task manager, I don't see why this is needed. I've mucked around with the UAC GPOs to try and get it to work, but that hasn't helped. I've also tried to start task manager with Windows, which in itself would be ideal as I can do that without elevation - but I can't see how to start it minimized, as everything I've seen simply doesn't take effect.

Any solutions would be much appreciated. As to why our users need task manager; well, Microsoft Office likes to tie itself in knots every now and again. It's much better for everyone's productivity to be able to actually kill the rogue tasks themselves!

Luke Milum
  • 51

3 Answers3

1

Run this, and logoff/on

setx.exe __COMPAT_LAYER runAsInvoker

If you have Admin rights and run this then some commands [e.g. gpedit.msc] will no longer auto-elevate and you will need to "Run as Administrator"

opscc
  • 11
1

Finally I have found the solution to this. Props go to a reddit post.

The issue is with the group policy "load and unload device drivers". Computer configuration -> Policies -> windows settings -> security settings -> local policies -> user rights assignment -> load and unload device drivers.

if this is set to a group the limited user is a member of (everyone, domain users, etc) then the prompt is displayed. if you set it instead to Administrators, the prompt is suppressed and everything works fine. I am not sure the ramifications of changing this value as it has been set for us since time immemorial. Seems to have to do with accepting unsigned device drivers. If everything suddenly stops working then i will have to set it back, but the setting goes all the way back to win2k so it may no longer be relevant (except to F up my shiz)...

Zoobra McFly
  • 31
0

I've had this problem for past 4 months. I used to be a domain admin and removed that from my daily account. It was driving me mad getting UAC prompted for basic tasks like you mentioned. I finally took a deeper look at my group memberships. The key for me was looking at indirect (nested) memberships (I used Adaxes to do so, not sure best way to do so using standard AD tools). My account was a member of Group Policy Creator Owners. After removing that, doing gpupdate and finally a reboot I was able to launch stuff like Event Viewer, Task Manager, etc without the UAC prompt!!

Brian Ladd
  • 1