About two or so months ago I built myself a new machine running Windows 7 Professional (RTM). One of the things about Win7 that I liked, from what I had been hearing at the time, was that it no longer set up the admin to run as default. So, naively I accepted this to be true and ran through the setup process back then without a second thought. Fast forward to today, when I'm thinking about setting up a Software Restriction Policy to keep out the baddies, and my account is listed as Administrative.
I'm a little confused about that, to be honest. I certainly still have to deal with the UAC (it's set to the highest level), and on several occasions the programs I run need to be 'run as Administrator' - So why would these things need to happen if my account was already Admin level?
The bigger questions I have are as follows: 1. Can I 'demote' my current account to a Limited User Account and keep all my settings, files, and programs running as they normally do? As I said, a few programs that I run frequently (Process Explorer, EVGA precision, RealTemp) require 'run as Administrator' - Is this going to make a gigantic hassle for me if I can demote my account? Will all my programs still be able to run, and write files where and when they need to? I know for a fact that Steam hates
being run as Administrator (it makes it think it's in compatibility mode, and gives an error), so I'm not sure if I'll be able to update/download games with a LUA.
And, 2. Can I set up a Software Restriction Policy on Windows 7 Professional? I missed the boat with XP, and apparently now Microsoft took the SRP capacity of Windows and shoved it into a new feature called Applocker - which is not
available on Professional. I don't know if this feature is still possible without upgrading to ultimate, in which case I'm not sure any of this hassle would be worth it.
So, I guess I'm confused about Admin accounts, LUAs, and SRP on Win 7. I'm mostly curious if I'm going to completely bork
my machine trying any of this, too. Sorry for the long, rambling question, but thanks for any help.
If your account was actually a standard user account, when UAC would come up it would ask you to put in the username/password of an account with admin privileges
"AppLocker is a new technology in Windows 7 that will be part of the Enterprise SKU, while the legacy Software Restriction Policies will be available in the Business and Enterprise SKUs."
Looks like you should be good to go.
"Was cursing, in broken english at his team, and at our team. made fun of dead family members and mentioned he had sex with a dog."
"Hope he dies tbh but a ban would do."
I'm still a bit dense, but since Win7 is running my 'admin' account as a standard user until authorization is required, does that mean I can set up a Legacy SRP with my already existing user account? I'm not sure if it's going to require bumping down to a LUA, if Win7 already sees it as one.