Jump to content
cutting_edgetech

Require full administrator rights for limited administrator accounts

Recommended Posts

Where has the setting for, "Require full administrator rights for limited administrator accounts" been moved to? Eset is driving me insane by having to elevate my window's privileges each time I respond to Eset's Firewall in Interactive Mode. I don't understand the purpose of this option, i'm not a limited Admin, yet Eset always makes me elevate my privileges to respond to firewall prompts. I'm the only Admin on the Computer other than the System Admin Account that is built into Windows 10 by default. I'm using Eset 13.2.18.0 on Windows 10 x64 Pro version 2004.

Edited by cutting_edgetech

Share this post


Link to post
Share on other sites

Why does Eset require users using Full Admin Accounts to answer UAC prompts if they choose to remember the action they took (create a firewall rule) when responding to firewall prompts? I'm using a Full Admin Account. I'm the only account on the system other than the default accounts that come preinstalled on Windows 10, like the the built in Admin Account that is used by the OS itself. I've tested all the other major AV vendors at one time or another and none of them have required using UAC to respond to a firewall prompt.

Share this post


Link to post
Share on other sites

FWIW the only time in Interactive mode that I get a UAC prompt is when I'm saving a rule.

Share this post


Link to post
Share on other sites
11 hours ago, cutting_edgetech said:

I don't understand the purpose of this option, i'm not a limited Admin, yet Eset always makes me elevate my privileges to respond to firewall prompts. I'm the only Admin on the Computer other than the System Admin Account that is built into Windows 10 by default.

The default account in Win 10 is limited Admin. Appears you are running instead under a standard user account? This is why you are getting the UAC alerts. Note that Microsoft has removed the full hidden Admin account from Home and I beleive Pro versions some time ago.

If you run as limited admin which BTW runs with standard user privileges and elevates to Admin status via UAC when required, this should eliminate these UAC alerts from Eset firewall in Interactive mode assuming UAC is set to default level. If UAC is set to max. level (recommended), the UAC alerts will continue.

Edited by itman

Share this post


Link to post
Share on other sites
6 hours ago, stackz said:

FWIW the only time in Interactive mode that I get a UAC prompt is when I'm saving a rule.

Something from Windows 10 or Microsoft Apps for Enterprise (Microsoft Office) is always requested outbound internet access. I have been creating rules since yesterday and i'm still being bombarded with Microsoft outbound request. I just had to respond to about 15 outbound request, one after the other after the desktop appeared. My computer would not boot the first 2 attempts, it stalled at the login screen, I waited for about 15 minutes, before trying to reboot each time. I believe all the outbound request from Windows before the desktop had a chance to load was causing Windows to freeze because the UAC prompt was unavailable for me to respond to yet.

Share this post


Link to post
Share on other sites
7 hours ago, itman said:

The default account in Win 10 is limited Admin. Appears you are running instead under a standard user account? This is why you are getting the UAC alerts. Note that Microsoft has removed the full hidden Admin account from Home and I beleive Pro versions some time ago.

If you run as limited admin which BTW runs with standard user privileges and elevates to Admin status via UAC when required, this should eliminate these UAC alerts from Eset firewall in Interactive mode assuming UAC is set to default level. If UAC is set to max. level (recommended), the UAC alerts will continue.

I created an Admin account when installing Windows. It's the only account that was created. I would have to check to see what Accounts Windows creates by default. I believe it still creates an Admin Account that can only be used by the OS. I had to take ownership of a registry key a couple of days ago, and I believe I remember seeing another Admin Account in there that had been created by the OS.

This is my first time using Windows in 2 years, so that's why I did not know Eset removed the option in the UI, "Require full administrator rights for limited administrator accounts". I had been using Eset since 2003 up until 2 years ago. I have only been using Linux for the last 2 years (Windows 10 broke compatibility with my MB firmware), but I have to use Windows 10 for some of my classes this semester due to some of the Enterprise Software I use. I will have to get reoriented with Windows since many OS changes have been made over the last 2 years. The last version of Windows 10 I used was Windows 10 Pro version 1709. That was the last version of Windows 10 that was compatible with my PC.

Edited by cutting_edgetech

Share this post


Link to post
Share on other sites

One solution here is to create a firewall rule to allow all outbound traffic. Set its logging severity level to Warning. Move the rule to the bottom of the existing rule set. This will create a Network protection log entry for every outbound request the rule is triggered for.

Create the rule just prior to shutting down the PC for the night. When you do a cold boot the next morning and the desktop appears and the system settles down, review the Network protection log for entries generated by the above rule. You can then create permanent firewall rules for the processes associated with these log entries as you see fit.

Note that monitoring all Win 10 outbound system and Store network activity is pretty an effort in futility.  System package and Store app directory and/or file names change with each app update.

 

Edited by itman

Share this post


Link to post
Share on other sites

Anyway, I still don't understand why Eset requires the user to elevate privileges to create a firewall rule when responding to firewall prompts. I don't believe disabling UAC is a good ideal, so that's not a good solution.  Maybe Eset can make a change in their design.

As  I stated above, it took me 3 attempts to get Windows to boot today. The only change I made to my system was changing Eset to Interactive Mode. I believe all the outbound request from Windows before the desktop had a chance to load was causing Windows to freeze because the UAC prompt was unavailable for me to respond to yet. As soon as the desktop successfully loaded on the 3rd attempt, I had to respond to about 15 UAC prompts one after the other since I had to create 15 outbound rules.

Edited by cutting_edgetech

Share this post


Link to post
Share on other sites
16 minutes ago, itman said:

One solution here is to create a firewall rule to allow all outbound traffic. Set its logging severity level to Warning. Move the rule to the bottom of the existing rule set. This will create a Network protection log entry for every outbound request the rule is triggered for.

Create the rule just prior to shutting down the PC for the night. When you do a cold boot the next morning and the desktop appears and the system settles down, review the Network protection log for entries generated by the above rule. You can then create permanent firewall rules for the processes associated with these log entries as you see fit.

Note that monitoring all Win 10 outbound system and Store network activity is pretty an effort in futility.  System package and Store app directory and/or file names change with each app update.

 

That's not really the solution I want, but I may try it if all else fails. Thanks! I have to do some Network, and Database work now for school.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...