Windows Agentless Privileged Accounts with UAC enabled.

Document ID : KB000029716
Last Modified Date : 14/02/2018
Show Technical Document Details

Question:

How to allow Windows Agentless Privileged Accounts with User Account Control (UAC) enabled?

 

Answer:

To allow Privileged Accounts on Windows Agentless SAM endpoints with User Access Control (UAC) enabled the "User Login" for the endpoint needs to be the local administrator. This is because windows does not allow the changing of passwords via WMI as it requires UAC to prompt the user, unless the user is the local administrator.

When the local administrator is used for the "User Login" any other user can be used for the actual privileged account and will receive UAC prompts as required when logged into the endpoint.