Creating Elevation Rules From UAC Events
Creating Elevation Rules from UAC Events
To create a rule from a UAC event, please do the following:
Login to the Web Admin Portal at https://msp.autoelevate.com using your email address and AutoElevate password
In the left-hand column click Events
- On the event grid select the event(s) by clicking the square next to the listed events(s) you want to turn into a rule
- Click on the Actions menu at the top left of the screen, and then Convert To Rule
5. A Dialog box will appear asking you to choose the Approval Status of either Approved or Denied and then what level you want to create the rule on. You may choose All Companies, Whole Company, Whole Location, or Computer. Computers will take precedence over the rest, where there’s a hierarchy.
6. After selecting the level, another dropdown menu will appear where you can select the specific location (either by selecting from the drop-down menu or typing in the space to search).
7. Click OK to accept changes once the specific location, Company, or Computer is selected.
To prevent our Agent from intercepting the User Account Control (UAC), you can select a Rule from the Actions menu on the Rules screen and set it to Ignore mode. This will allow the UAC to come up and be displayed to the user, effectively having AutoElevate ignore it.
Where are the rules stored?
Rules that have been defined are encrypted and stored in a secure area of the registry at each check-in and will continue to work with or without connectivity to the Internet and/or our services.
For anything that doesn't have a rule, we default to a position of security and allow the UAC to come up.
We recommend creating a break-the-glass local admin on each system (that perhaps only management has access to the credentials) for rare cases like these.