I am having problems with balancing Windows 10 UAC settings for legacy apps while maintaining correct functioning of Kixtart's Writevalue function in a login script.
I am a supporting multiple different clients at multiple sites, so I can not be overly draconian about forcing policy. The typical results are that the users must have local admin rights to install software/work with various legacy apps, but want new apps like edge to work too.
OS: Windows 10 Pro AU, Windows Server 2012 R2 Kixtart 4.66
EnableLinkedConnections is currently being set to 1 by GPO and confirmed working.
In order for Edge (and such apps) to work User Account Control: Run All administrators in Admin Approval Mode is enabled
In order for Edge (and like apps) to work User Account Control: Admin Approval Mode for the Built-in Administrator is enabled
The UAC notification slider is set to minimum or Never Notify
I am testing this setup using the following script:
Code:
Break On
? SETOPTION("WOW64AlternateRegView","ON")
? WriteValue("HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System","EnableLinkedConnections","1","REG_DWORD")
exit
Returns
OFF 5
So the writevalue statement fails with a Error 5 which I believe is rights related.
I tried a Shell "Reg ADD" and also get an Access Denied error
If disable User Account Control: Admin Approval Mode for the Built-in Administrator
It returns:
OFF 0
So it works, but of course the Edge no longer works, giving the can't be ran by built in administrator error
Is there anyway for Writevalue to work and Windows 10 apps to work at the same time?
