Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, November 3, 2015 4:01 PM | 1 vote
There's a bug, noted in several previous threads, where the task manager begins to require UAC elevation when run on Windows 8.1, windows 7, etc. I've just experienced the same issue in Windows 10, but this time it only affects task manager when run with the desktop shortcut key (control+shift+escape). Unlike the behavior I noted on previous versions, it is not apparent when running taskmgr.exe from a non-elevated powershell window (though it does prompt for the UAC when I run task manager from a non-elevated command prompt). If I enter credentials, even non-admin credentials, at the UAC prompt, then the task manager runs as expected.
Other threads like this are dismissed with answers such as "it requires event tracing for windows which requires elevation" but that is clearly not the case.
I'm not able to determine what, if anything changes. But on a fresh default installation, the task manager works as expected, and will run from a non-elevated command line or with the desktop shortcut key (control+shift+escape) without any prompts or elevation. Then, apparently after an unidentified trigger, it begins to require elevantion and will not run without it.
I've tried setting the __compat_layer variable to runasinvoker with no effect (though I'm not sure if that works in windows 10), checking application compatibility, and of course restarting, but none of it changes the behavior.
Any suggestions on what else to look at?
All replies (16)
Tuesday, November 3, 2015 8:39 PM âś…Answered | 2 votes
I hunted some more and figured it out.
The difference is membership in the network configuration operators group.
There is something in the permissions of the network configuration operators group that is filtered out of a non-elevated token. When the system loads an exe with a manifest that has requestedExecutionLevel of highestAvailable, it claims the filtered permission which requires UAC acknowledgement.
Tuesday, November 3, 2015 7:10 PM
After restarting again, it now brings up the UAC when trying to run mmc.exe or taskmgr.exe. It did not do that before I restarted the last time.
Tuesday, November 3, 2015 9:33 PM | 1 vote
Just recreated this. User in network configuration operators, opened task manager got prompted for credentials. Enter the same username \ password as logged on with, task manager opened.
Took user out of network configuration operators logged off and back on task manager opened with no prompt.
That was build 10576 for information.
Tuesday, November 3, 2015 9:40 PM
Just recreated this. User in network configuration operators, opened task manager got prompted for credentials. Enter the same username \ password as logged on with, task manager opened.
Took user out of network configuration operators logged off and back on task manager opened with no prompt.
That was build 10576 for information.
Thanks. Please note that the build I discovered and tested this on is 10240. It appears to be consistent through at least Windows 8.
Tuesday, February 2, 2016 6:46 PM
Just recreated this. User in network configuration operators, opened task manager got prompted for credentials. Enter the same username \ password as logged on with, task manager opened.
Took user out of network configuration operators logged off and back on task manager opened with no prompt.
That was build 10576 for information.
I've got a new employee who can't run task manager on a Win 8.1 x64 box build 9600. He has the same exact (I copied another user to create his account) permissions as the other non-admins. I have 3 box's that were built from the same image, and this is the only box doing it. I've checked and nobody is in the "Network Configuration Operators" Group, so that is not the case for my situation.
But he was able to find an article that corrected the issue. It involves adding a registry setting to make it Run as Invoker"
http://superuser.com/questions/443485/windows-8-task-manager-without-elevating
Wednesday, November 30, 2016 7:37 AM
Any solution to this? Or is this a bug which should be handled just with patching Windows 10? I have this behavior on AU 1607...
Wednesday, December 7, 2016 9:15 AM
I patched AU 1607 with latest CU, being now CBB and UAC does the same thing to Task Manager, it requires password.
But I have another Win10 enviroment, where this does not happen...
Wednesday, March 22, 2017 12:44 AM
I have the same problem where a limited user gets a UAC prompt when trying to run task manager. They can put in their credentials and the task manager window pops up. So i fail to see the point of UAC in this circumstance and would consider this a bug as well.
A limited user should be able to run task manager i would think> Considering they can run it, simply by providing their password, i think something is not right with this. I was thinking it was a setting, or configuration, but i cant find any info regarding it really except people talking about how its not possible to suppress the uac prompt in this case.
It would be nice if my users did not have to authenticate to run task manager. They are clearly allowed to run it, no access denied message, so why prompt for password? senseless.
Wednesday, March 22, 2017 1:09 AM
why prompt for password? senseless.
Does it depend on what view is opening? E.g. I would agree with you if the view was the Fewer details one (which shows only the user's tasks) but otherwise there would be possibilities you might not want a general user to see.
Robert Aldwinckle
Wednesday, March 22, 2017 3:26 PM
Well the task manager does open, with limited user credentials. At no point am i authenticating as administrator. If it said "access denied" as limited user, then yes i would agree with you. However it lets a normal user open it, it just simply prompts unnecessarily, because it does let you go ahead with the action after prompting and receiving limited user credentials.
Im not sure what you mean by view. Is the default view configurable by policy?
Monday, April 3, 2017 5:46 AM
I witness this behavior only with In-Place Upgraded computers. Wipe and load computers acts as planned.
Please remember to mark my post as an answer, if I really helped you out, or vote if usefull. Thank you!
Monday, April 3, 2017 4:59 PM | 1 vote
red herring. I have never used an inplace upgrade task sequence.
I just gave up as i think this is by design. from reading other threads out there that is the conclusion i reached.
Thursday, February 22, 2018 12:56 PM
Just recreated this. User in network configuration operators, opened task manager got prompted for credentials. Enter the same username \ password as logged on with, task manager opened.
Took user out of network configuration operators logged off and back on task manager opened with no prompt.
That was build 10576 for information.
Just sharing with the community that I'm seeing the same thing on Win10 1703 with "Network configuration operators" or "Power users" local groups.
Thursday, February 22, 2018 1:35 PM
Just sharing with the community that I'm seeing the same thing on Win10 1703 with "Network configuration operators" or "Power users" local groups.
Yes, we noticed this too later. Members of networking group are promted, but users only are not.
Please remember to mark my post as an answer, if I really helped you out, or vote if usefull. Thank you!
Monday, December 3, 2018 11:04 PM
Well i think i spoke to soon re giving up. It does appear that i have solved this now.
The issue is with the group policy "load and unload device drivers". Computer configuration -> Policies -> windows settings -> security settings -> local policies -> user rights assignment -> load and unload device drivers.
Mine was set to "everyone". this was in the default domain policy, which we never edit, so its definitely been there a while and may even be a "stock" configuration.
if i set this to "administrators", the problem for limited users goes away!
I am not sure the other repercussions of this action though. From looking up the setting online, it appears that it controls whether it lets you install unsigned drivers.
Well i guess i will monitor. But if you set this to any group the "limited user" is not a member of, it WILL work.
Oh and dont set it to NULL (not defined) as the setting will still persist in the local group policy. You need to overwrite with something like "administrators" to get it to apply successfully to the local policy.
Credit goes to a reddit post by negativeexile
https://www.reddit.com/r/sysadmin/comments/7j3qjy/windows_10_task_manager_triggers_uac/
Wednesday, June 10, 2020 9:54 AM
I have the same issue. When users are members of Network Configuration Operators, they get prompted for UAC with things like regedit, task manager, mmc.
They just have to enter their password and it works, but it doesn't make sense at all that UAC is prompting and working with same username / password.
Anyone could figure this out ?