2.2.11.2 ConsentPromptBehaviorAdmin
Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Value: "ConsentPromptBehaviorAdmin"
Type: REG_DWORD
Data: This MUST be a value in the following table.
|
Value |
Meaning |
|---|---|
|
0x00000000 |
This option allows the Consent Admin to perform an operation that requires elevation without consent or credentials. |
|
0x00000001 |
This option prompts the Consent Admin to enter his or her user name and password (or another valid admin) when an operation requires elevation of privilege. This operation occurs on the secure desktop. |
|
0x00000002 |
This option prompts the administrator in Admin Approval Mode to select either "Permit" or "Deny" an operation that requires elevation of privilege. If the Consent Admin selects Permit, the operation will continue with the highest available privilege. "Prompt for consent" removes the inconvenience of requiring that users enter their name and password to perform a privileged task. This operation occurs on the secure desktop. |
|
0x00000003 |
This option prompts the Consent Admin to enter his or her user name and password (or that of another valid admin) when an operation requires elevation of privilege. |
|
0x00000004 |
This prompts the administrator in Admin Approval Mode to select either "Permit" or "Deny" an operation that requires elevation of privilege. If the Consent Admin selects Permit, the operation will continue with the highest available privilege. "Prompt for consent" removes the inconvenience of requiring that users enter their name and password to perform a privileged task. |
|
0x00000005 |
This option is the default. It is used to prompt the administrator in Admin Approval Mode to select either "Permit" or "Deny" for an operation that requires elevation of privilege for any non-Windows binaries. If the Consent Admin selects Permit, the operation will continue with the highest available privilege. This operation will happen on the secure desktop.<8> |