Home > OS >  Difference between User account with Admin rights and Run as Admin
Difference between User account with Admin rights and Run as Admin

Time:01-04

I am running this in Windows 10

What is the difference between running a program in a user account with admin rights, versus running in a standard account but right clicking and running as admin - and by difference, I mean from the program's point of view.

I thought from the program's point of view, there would be no difference. But apparently that isn't exactly true.

See - I have this piece of hardware (The DLink Air Bridge for the Quest 2 Headset). It won't connect to the desktop app unless I run it in an account with admin rights. But here is the thing, if I run it in the same account (but now with only standard rights) but right click on the program and "Run as Admin" - it still won't connect. How can this be?

I am asking this here because the support for both Meta and Dlink is hopelessly, HILARIOUSLY inept.

Also - what is worse when it comes to security: Using an account for daily stuff with admin rights, or right clicking on particular programs that need it and always running as an admin. I assumed it was the latter - but I am an idiot when it comes to computer security.

CodePudding user response:

When an administrator logs in, the full elevated token is stored in a system process and a more restricted token is generated from this and is used to start Explorer.exe at logon.

When this admin user elevates, UAC starts the new process with the full elevated token (often called "split token"). This causes some minor complications related to mapped network drives and HKCU COM objects but essentially the two tokens refer to the same user account and the same HKCU registry key.

On the other hand, when a non-admin UAC elevates they have to enter the credentials of an administrator and it is this administrator and their account/profile/HKCU that is tied to the token when the new process is started. Meaning, a process running as this administrator is present in the desktop session of the non-admin user. This means a different profile folder and different HKCU compared to other processes in the session.

According to Microsoft, UAC is not a security boundary. If you are really concerned about security then you need to log in as the administrator separately.

  • Related