Use Local Security Policy to customize UAC behavior
Users of the Professional, Enterprise, and Ultimate editions of Windows 7 can use the Local Security Policy console to modify the behavior of UAC. Start Local Security Policy (Secpol.msc), and open Security Settings\Local Policies\Security Options. In the details pane, scroll down to the policies whose names begin with "User Account Control ." For each policy, double-click it and click the Explain tab for information before you decide on a setting. With these 10 policies, you can make several refinements in the way UAC works—including some that are not possible in the User Account Control Settings window. For details about each of these policies, see "UAC Group Policy Settings" at w7io.com/1523.
Regardless of your UAC setting, the shield icons still appear throughout Control Panel, but you won't see UAC prompts if you've lowered the UAC protection level. Clicking a button or link identified with a shield immediately begins the desired action . Administrators run with full administrator privileges; standard users, of course, still have only standard privileges .
Don't forget that UAC is more than annoying prompts . Only when UAC is enabled does an administrator run with a standard token. Only when UAC is enabled does Internet Explorer run in a low-privilege Protected Mode. And, of course, only when UAC is enabled does it warn you when a rogue application attempts to perform a task with systemwide impact. For these reasons, we urge you not to select the bottom option in User Account Control Settings, which turns off UAC completely.
Was this article helpful?