Navigating the User Account Changes

User Account Control is designed to make it easier to protect computers while ensuring that users can perform the tasks they need to perform. As part of the restructuring for UAC, many changes have been made to user accounts and privileges. These changes are designed to ensure that there is true separation of user and administrator tasks, and that any tasks that have minimal system impact and potential for risk can be performed using standard user accounts. Administrators also have the ability to restrict privileges if they prefer.

Understanding Standard User Privileges

In Windows Vista, standard user accounts can be used to perform some tasks that previously required administrator privileges. New permissions for standard user accounts in Windows Vista include:

• Viewing the system clock and calendar and changing the time zone.

• Changing the display settings and installing fonts.

• Changing power management settings.

• Adding printers and other devices (where the required drivers are installed on the computer or are provided by an IT administrator).

• Downloading and installing updates using User Account Control–compatible installers.

• Creating and configuring virtual private network (VPN) connections. A VPN connection helps you establish a secure connection to a private network over the public Internet.

• Installing Wired Equivalent Privacy (WEP) to connect to secure wireless networks. WEP is a security protocol that provides a wireless network with the same level of security as a wired local area network (LAN).

Additionally, some maintenance tasks are now automatically scheduled processes, so users will not have to initiate these processes manually. Processes that are scheduled to run automatically include:

• CareTaker  Performs automated maintenance of the computer.

• Consolidator  Performs automated consolidation of the computer’s event logs.

• AutomaticDefrag  Performs automatic defragmentation of the computer’s hard disks.

• AutomaticBackup  Performs automatic backup of the computer (once configured).

In earlier versions of Windows, nonadministrators couldn’t easily tell whether they were allowed to perform an action. To make it easier for users to determine whether they can perform a task, Windows Vista uses a shield icon to identify tasks that require administrator privileges.

In Figure 9-1, two tasks are preceded by a shield icon: Change Settings and Change Product Key. These tasks require administrator privileges.

Figure 9-1: The shield icon indicates tasks that require administrator privileges

The terms legacy application and legacy operating systems take on new meanings with the introduction of Windows Vista. In Windows Vista, legacy application refers to an application developed for Windows XP or an earlier version of Windows, and legacy operating system refers to an operating system using Windows XP or an earlier version of Windows.

In earlier versions of Windows, the Power Users group was designed to give users specific administrator privileges to perform basic system tasks while running applications. As standard user accounts can now perform most common configuration tasks, Windows Vista does not require the use of the Power Users group.

Further, while Windows Vista maintains the Power Users group for legacy application compatibility, applications written for Windows Vista do not require the use of the Power User mode. Legacy applications that require administrative privileges use file and registry virtualization; compliant applications use standard user mode and adminis trator mode, as discussed previously. For more information about legacy application compatibility, refer to the Microsoft Windows Vista Administrator’s Pocket Consultant (Microsoft Press, 2006).

William Stanek

Author, MVP, and series editor for the Microsoft Press Administrator’s Pocket Consultants

Understanding File System and Registry Virtualization

Windows Vista uses application security tokens to determine whether elevated privileges are required to run applications or processes. With applications written for Vista, applications either have an “administrator” token or a “standard” token. If an application has an “ administrator” token, it requires elevated privileges. If an application has a “standard” token, it doesn’t require elevated privileges.

The token is a reflection of the required level of privileges. A standard user mode–compliant application should write data files only to nonsystem locations. If the application requires administrator privileges to perform a specific task, the application should request elevated privileges to perform that task. For all other tasks, the application should not run using elevated privileges.

Applications not written for the Windows Vista new user account architecture are considered legacy applications. Windows Vista starts these applications as standard user applications by default and uses file and registry virtualization to give legacy applications their own “virtualized” views of resources they are attempting to change. When a legacy application attempts to write a system location, Windows Vista gives the application its own private copy of the file or registry value so that the application will function properly. All attempts to write to protected areas are logged by default as well.