Answered by:
Disable or quiet UAC without reboot from command line

Question
-
I need to be able Disable or quiet UAC without reboot from command line without user confirmation as local system
We use LANDesk and I want to add a part of the script to install turning off or quieting UAC, run install and them turn UAC on
Not all users are Admins so I can run as current logged on user but if admin rights are not need I can run a pre install task as local user run the install task then run a post install task to turn it on
It doesn’t have to be a command line it can be an app Ii position on each machine then call if it can run silently
- Moved by Chris.H-SBITMicrosoft Support Thursday, April 22, 2010 10:49 AM (From:Windows Vista Security, Privacy, and User Accounts)
Wednesday, April 21, 2010 12:36 PM
Answers
-
Hi,
Thanks for posting in Microsoft TechNet forums.
To disable UAC, you can take either of the following methods:
1. If you use Group Policy to manage UAC, you can edit the local security policy to control this:
1) From the Start search bar, type "Local Security Policy"
2) Accept the elevation prompt
3) From the snap-in, select Security Settings -> Local Policy -> Security Options
4) Scroll down to the bottom, where you'll find nine different group policy settings for granular configuration of UAC.
2. Use the following script to elevate the privilege in Windows Vista.
3. You can also modify the registry through the following command line:
REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0x0 /f
Important caution: please backup your registry before modifying it, any incorrect modification can cause a unrecoverable damage.
Best Regards
Dale Qiao
TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com- Marked as answer by Dale QiaoModerator Tuesday, April 27, 2010 7:42 AM
Friday, April 23, 2010 2:24 AMModerator
All replies
-
Hi,
Thanks for posting in Microsoft TechNet forums.
To disable UAC, you can take either of the following methods:
1. If you use Group Policy to manage UAC, you can edit the local security policy to control this:
1) From the Start search bar, type "Local Security Policy"
2) Accept the elevation prompt
3) From the snap-in, select Security Settings -> Local Policy -> Security Options
4) Scroll down to the bottom, where you'll find nine different group policy settings for granular configuration of UAC.
2. Use the following script to elevate the privilege in Windows Vista.
3. You can also modify the registry through the following command line:
REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0x0 /f
Important caution: please backup your registry before modifying it, any incorrect modification can cause a unrecoverable damage.
Best Regards
Dale Qiao
TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com- Marked as answer by Dale QiaoModerator Tuesday, April 27, 2010 7:42 AM
Friday, April 23, 2010 2:24 AMModerator -
Hi,
As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’ as the previous steps should be helpful for many similar scenarios. If the issue still persists, please feel free to reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish.
BTW, we’d love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar problems. Thanks for your understanding and efforts.Best Regards
Dale Qiao
TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.comTuesday, April 27, 2010 7:42 AMModerator -
Hi Dale,
I know this thread has been quite for quite some time but I don't think the answers are correct. While they do describe the correct way to disable UAC in all methods mentioned a reboot is still required.
Regards,
Frank
- Proposed as answer by Andre.Ziegler Wednesday, February 16, 2011 11:09 PM
Wednesday, February 16, 2011 7:53 PM -
correct.
"A programmer is just a tool which converts caffeine into code" CLIP- Stellvertreter http://www.winvistaside.de/Wednesday, February 16, 2011 11:10 PM -
Ready for me to blow your minds with a hidden "feature"...
To disable UAC for all subsiquent commands in the same session--i.e. if you close the particular script or CMD sessions it resets and you just have to set it again to disable temporarily:
SET __COMPAT_LAYER=WINXPSP3- Proposed as answer by EnigmaV8 Friday, April 5, 2013 4:09 PM
Friday, April 5, 2013 4:08 PM -
You can also use this one.
set __COMPAT_LAYER=RunAsInvoker
- Proposed as answer by Aardvark_ Thursday, August 15, 2013 10:14 AM
Thursday, August 15, 2013 10:14 AM -
How to I re-enable it in command line?Sunday, February 16, 2014 5:23 PM
-
Hello,
"set __COMPAT_LAYER=RunAsInvoker"
What does it mean ?
Does it mean that the "popup" of UAC or "elevation" is disabled ?
Does-it mean that the UAC is disabled and "elevation" is not necessary ?
Regards,
Tuesday, January 26, 2016 3:03 PM -
it showing Access deniedFriday, January 19, 2018 9:20 AM
-
REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f net stop browser && net stop server && net start server && net start browser
--> UAC is disabled, perform your actions
REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v LocalAccountTokenFilterPolicy net stop browser && net stop server && net start server && net start browser
--> UAC is enabled again
As a bonus, there is an option to disable the Elevation confirmation for admins only (more secure)
REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f
--> This takes effect immediately, set back to default with
REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 5 /f
RegardsSunday, January 6, 2019 12:01 PM