Only Windows 7 Professional and above editions have a front end secpol.msc to manage local security policies.
For Windows 7 Home Edition you can manage the security policies by manually changing the registry values.
The registry location is shown in the picture below.
The corresponding security levels is as describe below:
Key:
_______________________________________________________________
ConsentPromptBehaviorAdmin (Affects account created as Administrators)
Value - Mode_______________________________________________________________
0 - Elevate Without Prompting (No Security) NOT RECOMMENDED
1 - Prompt for Credentials on the secure desktop (Most Secure) RECOMMENDED
2 - Prompt for Consent on secure desktop (Default Setting)
3 - Prompt for Credentials
4 - Prompt for Consent
5 - Prompt for Consent for non-Windows Binaries
Key:
_______________________________________________________________
ConsentPromptBehaviorUser (Affects account created as Users)
Value - Mode
0 - Elevate Without Prompting (No Security) NOT RECOMMENDED
1 - Prompt for Credentials on the secure desktop (Most Secure) RECOMMENDED
2 - Prompt for Consent on secure desktop (Default Setting)
3 - Prompt for Credentials
4 - Prompt for Consent
5 - Prompt for Consent for non-Windows Binaries
______________________________________________________________
On Windows 7 Home Editions the default allows users created with admin rights to mindlessly run executables causing headaches for administrators.
This also prevents people who "borrow" your computers with Windows 7 Home Editions from messing with it by locking down security.
You can lock down the security by changing the corresponding registry values hope you guys find this is useful.
0 comments:
Post a Comment