locked
Disable or quiet UAC without reboot from command line RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    I need to be able Disable or quiet UAC without reboot from command line without user confirmation as local system

     

    We use LANDesk and I want to add a part of the script to install turning off or quieting UAC, run install and them turn UAC on

     

    Not all users are Admins so I can run as current logged on user but if admin rights are not need I can run a pre install task as local user run the install task then run a post install task to turn it on

     

    It doesn’t have to be a command line it can be an app Ii position on each machine then call if it can run silently

     

    Wednesday, April 21, 2010 12:36 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

     

    Thanks for posting in Microsoft TechNet forums.

     

    To disable UAC, you can take either of the following methods:

     

    1.     If you use Group Policy to manage UAC, you can edit the local security policy to control this:

     

    1)    From the Start search bar, type "Local Security Policy"

    2)    Accept the elevation prompt

    3)    From the snap-in, select Security Settings -> Local Policy -> Security Options

    4)    Scroll down to the bottom, where you'll find nine different group policy settings for granular configuration of UAC.

     

    2.     Use the following script to elevate the privilege in Windows Vista.

     

    Scripting Elevation on Vista

     

    3.     You can also modify the registry through the following command line:

     

    REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0x0 /f

     

    Important caution: please backup your registry before modifying it, any incorrect modification can cause a unrecoverable damage.

     

    Best Regards 

    Dale Qiao
    TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com

     

    Friday, April 23, 2010 2:24 AM
    Moderator

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

     

    Thanks for posting in Microsoft TechNet forums.

     

    To disable UAC, you can take either of the following methods:

     

    1.     If you use Group Policy to manage UAC, you can edit the local security policy to control this:

     

    1)    From the Start search bar, type "Local Security Policy"

    2)    Accept the elevation prompt

    3)    From the snap-in, select Security Settings -> Local Policy -> Security Options

    4)    Scroll down to the bottom, where you'll find nine different group policy settings for granular configuration of UAC.

     

    2.     Use the following script to elevate the privilege in Windows Vista.

     

    Scripting Elevation on Vista

     

    3.     You can also modify the registry through the following command line:

     

    REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0x0 /f

     

    Important caution: please backup your registry before modifying it, any incorrect modification can cause a unrecoverable damage.

     

    Best Regards 

    Dale Qiao
    TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com

     

    Friday, April 23, 2010 2:24 AM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’ as the previous steps should be helpful for many similar scenarios. If the issue still persists, please feel free to  reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish.
    BTW,  we’d love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar problems. Thanks for your understanding and efforts.

    Best Regards 

    Dale Qiao
    TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com

    Tuesday, April 27, 2010 7:42 AM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Dale,

     

    I know this thread has been quite for quite some time but I don't think the answers are correct.  While they do describe the correct way to disable UAC in all methods mentioned a reboot is still required. 

     

    Regards,

     

    Frank

    • Proposed as answer by Andre.Ziegler Wednesday, February 16, 2011 11:09 PM
    Wednesday, February 16, 2011 7:53 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    correct.
    "A programmer is just a tool which converts caffeine into code" CLIP- Stellvertreter http://www.winvistaside.de/
    Wednesday, February 16, 2011 11:10 PM
  • Question
    Sign in to vote
    1
    Sign in to vote
    Ready for me to blow your minds with a hidden "feature"...

    To disable UAC for all subsiquent commands in the same session--i.e. if you close the particular script or CMD sessions it resets and you just have to set it again to disable temporarily:

    SET __COMPAT_LAYER=WINXPSP3
    • Proposed as answer by EnigmaV8 Friday, April 5, 2013 4:09 PM
    Friday, April 5, 2013 4:08 PM
  • Question
    Sign in to vote
    1
    Sign in to vote

    You can also use this one.

    set __COMPAT_LAYER=RunAsInvoker

    • Proposed as answer by Aardvark_ Thursday, August 15, 2013 10:14 AM
    Thursday, August 15, 2013 10:14 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    How to I re-enable it in command line?
    Sunday, February 16, 2014 5:23 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hello,

    "set __COMPAT_LAYER=RunAsInvoker"

    What does it mean ?

    Does it mean that the "popup" of UAC or "elevation" is disabled ?
    Does-it mean that the UAC is disabled and "elevation" is not necessary ?

    Regards,

    Tuesday, January 26, 2016 3:03 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    it showing Access denied
    Friday, January 19, 2018 9:20 AM
  • Question
    Sign in to vote
    0
    Sign in to vote 
    REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f
net stop browser && net stop server && net start server && net start browser

    --> UAC is disabled, perform your actions

    REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v LocalAccountTokenFilterPolicy
net stop browser && net stop server && net start server && net start browser

    --> UAC is enabled again

    As a bonus, there is an option to disable the Elevation confirmation for admins only (more secure)

    REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f

    --> This takes effect immediately, set back to default with

    REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 5 /f

    Regards 

    Sunday, January 6, 2019 12:01 PM