Previous Topic: Remote Connections with User Account ControlNext Topic: Configure a Windows Server 2008, Windows 7 Enterprise or a Vista Endpoint for Scheduled Tasks

Enterprise Administration GuideImplementing Shared AccountsSAM Endpoint and Shared Account CreationCreate an EndpointWindows Agentless Connection InformationConfigure Windows Agentless Endpoints for SAMDisable Local Account Administrative Privileges Limitations on Windows Server 2012 and Windows 8

Disable Local Account Administrative Privileges Limitations on Windows Server 2012 and Windows 8

Valid on Windows Server 2012, Windows 8

SAM uses administrative privileges to connect to the endpoint. On Microsoft Server 2012 and Windows 8 administrative privileges are limited to local accounts on User Account Control (UAC) enabled systems.

To disable this limitation modify or create the following registry value:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LocalAccountTokenFilterPolicy

Type: REG_DWORD

Value: 1

If domain accounts that are members of the local administrators group had full administrative privileges before the configuration was made, then once the above is configured local accounts that are members of the local administrators will have full administrative privileges.