Evolution of Windows Server 2008 User Account Control What's Up with Windows Server 2008's User Account Control By Guy Thomas August 10, 2011 7:00 PM Tags : Servers Windows Administration Security Hardware & Software Domain Computers Dialog Extension Windows System Administration Windows Server How To Microsoft Start Menu Radio Customization Taskbar Policy Design Configuration Display Expand Windows Server 2008 Table Of Contents 1. Disabling User Account Control 2. An Alternative 3. Overview of UAC 4. Evolution of Windows Server 2008 User Account Control 4. Evolution of Windows Server 2008 User Account Control User Account Control is central to Microsoft's security platform for Windows Server 2008. In earlier Beta 1 builds of Windows Windows Server 2008, UAC was called UAP (User Account Protection). More than just a mere change of acronym, this indicates that UAC is part of a larger security area, which Microsoft are rapidly evolving. Following feedback from beta testers, Microsoft fine tuned the balance between high security and ease-of-use for the UAC. Microsoft's press releases tell us that User Account Control is a development of least-privilege user access, or LUA. My view is that User Account Control has grown out of the 'Run as..' feature of Windows Server 2003 or the 'Switch User' feature of XP. I have to say that at least on training courses, RunAs was one of the least liked features of Windows Server 2003. Even when we ignored 'Run as...' on those training courses, we had this feeling of being naughty boys and not taking security seriously. User Account Control makes it easier to develop good habits and work securely. UAC is like opening a locked draw using a plastic card kept in your top pocket, compared with 'Run as...', which is like walking over to the filing cabinet and finding the correct key for your draw. In summary, User Account Control automatically gives you the best of both worlds, rely on a basic token for routine tasks and reserve the Administrative token for special security responsibilities. Surprise, I discovered that certain tasks still need the 'Run as...' technique, for instance releasing and renewing an IP address. This is how it works. Summary of User Account Control (UAC) User Account Control (UAC) is a central plank in Microsoft's security platform for Windows Server 2008. This page gives you strategies for controlling this service. One theme that runs through UAC is that Microsoft are still fine-tuning the places where you can configure the settings, there have been significant changes from Beta 1 --> Beta 2 --> RC1 --> Windows Server 2008 Final Release. Previous 4. Evolution of Windows Server 2008 User Account Control 1. Disabling User Account Control2. An Alternative3. Overview of UAC4. Evolution of Windows Server 2008 User Account Control Comment on this article ... Comment(s)| Comments