Broken Task Manager access in Windows 10

Bill Artemik 1 Reputation point
2022-01-27T18:48:31.573+00:00

We have a WIndows 10 Pro system that requires the user to enter elevated privileges when trying to access Task Manager from her restricted user account (all machines on this network are using least privileges). This is the ONLY computer on the domain that is requiring this.

After doing some research I found a policy on the LOCAL machine that is for "load and unload device drivers" that is set to "domain users". The article said this will cause Task Manager to ask for admin creds to load. They recommended setting this back to the Administrators group and life will be grand. (see article: https://www.reddit.com/r/sysadmin/comments/7j3qjy/windows_10_task_manager_triggers_uac/dr4nvoe/ ).

I tried accessing the policy on the local computer but I'm unable to edit this policy (after running group policy editor from admin command prompt). So I looked at the domain to see if there was a policy for this. There is NOT. This isn't coming from the DC.

How can I fix this? Is it possible to FORCE this policy change somehow?

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
10,824 questions
Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,863 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Limitless Technology 39,436 Reputation points
    2022-01-28T09:00:23.43+00:00

    Hello BillArtmik

    It is indeed strange, and the fact is that you should be able to edit those policies as administrator. I wouldn't discard that there are other management and administration issue on this computer, so in case of a enterprise environment you may want to look into saving user data and reimaging.

    In your case, the only workaround I can think of is to reset all Local Policies using an elevated command prompt and run:

    RD /S /Q "%WinDir%\System32\GroupPolicyUsers" && RD /S /Q "%WinDir%\System32\GroupPolicy"

    then run a gpupdate /force to load the domain GPOs

    If you get any access denied error or 0x5 that would mean that your user has not enough privileges to manage local policies.


    --If the reply is helpful, please Upvote and Accept as answer--

    0 comments No comments