An Overview of UAC


Vista includes many neat new features and I suspect that it includes something for everyone to love. Not everybody will love any given feature, but every feature will be loved by someone, right?

Okay, that's a lie. There's probably one Vista feature that everyone will hate: User Account Control or UAC. Although actually, that's not really true; not everybody hates it. I like it. Although truthfully when I met it, I probably hated it more than anyone.

In this chapter, I'll offer a quick summary of what UAC does for those who've not run into it yet, and why it drives everyone nuts. Then I'm going to explain why I think that UAC is a very significant step toward not only securing Windows, but making the average person more aware of Windows security, and that's a big part of what I like about UAC, because I think that if everyone becomes aware of Windows security, then I suspect that most of the problems with security in Windows will disappear. After that, we'll get into the heart of UAC. Explaining it, I hope, will win it some converts and, if you're not converted by then, at least you'll know how to turn it off.

Introducing UAC

UAC makes itself known pretty early on, and it's usually not a happy meeting. Permit me to tell you about my early aneurysm-producing moments with Vista, which I've alluded to in the Introduction and in Chapter 1.

I installed my first copy of Vista. When it started up, it prompted me to create a local account, as the system that I was working on was workgroup-attached, and when I told Vista what to call this new account, Vista made that account a member of the Administrators group by default, just as XP did. (In other cases, I built a copy of Vista that was a domain member and logged onto the Vista machine as a member of the domain's Domain Admins group and that group, of course, is a member of the Vista box's local Administrators group.) Either way, I was logged onto Vista on an account other than the local Administrator account. (Remember, by default Vista disables the Administrator account.)

Once logged into Vista, my first task was to create a local user account named "Mark" with password "swordfish." As I'm a command-line kinda guy and, to be truthful, not really interested in having to figure out the GUI du jour, I clicked Start > Accessories > Command Prompt and the command prompt window appeared. I then tried to create the Mark account by typing

 net users mark swordfish /add 

I was then surprised when told that System error 5 has occurred. Access is denied. Now, that's odd, I thought; I have successfully used this command on Windows NT–based systems since NT 3.1, and it's always worked. Although wait, it didn't say that the syntax was wrong; just that "access is denied." Aha! Maybe I forgot to log on as an admin? Just to be sure, I went so far as to log off and then back on so as to double-check that I was indeed logged on as an admin, and still the command failed.

Okay, I thought, I surrender, let's do it the GUI way. I clicked Start, then Control Panel, and I then noticed that they rearranged the Control Panel (but I was expecting that anyway), and I then saw a couple of people with heads but no faces, which has always kind of creeped me out ever since those guys appeared in XP. Looks like something from an Outer Limits or maybe a bad episode of Sopranos.

Next to the faceless people, I saw "User Accounts and Family Safety," "Set up parental controls for any user" (hey, cool, that must be a tool to allow me to control my father's spyware-collecting Web surfing habits; that would constitute "parental control," right?), and finally "Add or remove user accounts." Yup, that's gotta be the ticket, I thought, and so I clicked it. But then the screen dimmed, and a dialog box appeared smack-dab across my once-colorful screen, a dialog box like the one you see in Figure 2.1.

Figure 2.1: Meet the "Consent UI"

What is this, I wondered? After a moment's reading, I realized with a little annoyance that it's basically a mildly colorful "are you sure?" dialog box. (Its official name is, you may recall from the previous chapter, the "consent user interface" or "Consent UI.") For some reason, Windows was making absolutely sure that I did indeed want to do something administrator-ish. So I clicked the Confirm button, and Vista opened the user creation GUI. Once there, I was able to get down to the business of creating a user account.

As I used Vista more and more, I saw the Consent UI more and more. As time went on, it annoyed me more and more. (This, of course, was all before I had my insight that I referred to in the Introduction.)




Administering Windows Vista Security. The Big Surprises
ISBN: 0470108320
EAN: 2147483647
Year: 2004
Pages: 101
