Ever since I disabled UAC on my Vista machine, I’d been hoping for a way to disable it only for specific users.

Then I just stumbled across a promising page for disabling the UAC prompting for administrators only.

It wasn’t the “Per User disabling of UAC” that I was hoping for, but I’d take it.

In a nutshell, run SECPOL.MSC from the Start, Run box

Expand Local Policies, and select Security Options.

Find the entry “User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode” in the list (it’s towards the end) and double-click on it.

Change the setting to “Elevate without prompting”.

Note that this won’t work with Vista Basic and Home, because those versions don’t come with the SECPOL.MSC file. Check out the blog above for a reg script for that.

So, then, I thought,  just setup an Admin user for doing standard development stuff (where the UAC is just a flat pain in the ass), then, login as a NON-ADMIN user with UAC enabled to test things out.

Well, not so fast. Turns out, even with the Automatic elevation setting on, elevation still doesn’t happen quite right in all cases. Take for instance, Winternal’s Process Explorer:

That Replace Task Manager option will cause a “Process Requires Elevation” prompt with UAC enabled, regardless of the “Elevate without prompting” setting mentioned above, so there’s more to this that what would appear to be mentioned in the help for that security option. Granted Process Explorer is pretty low level stuff, but it’s something I use all the time.

Screw that. Not worth bothering with, so off goes the UAC again.