1
When you click on a "shielded" button in Windows 7, UAC tries to figure out what accounts can access the feature behind that button. This happens very quickly; and I succeeded to capture it only by recording the screen and then saving the relevant frame:
I think by "credential tiles" (in the above figure), UAC means the way it displays the credentials (i.e., like tiles).
As an example, I tried to access the "Local Connection" properties. As shown below, UAC found the relevant accounts which can control this feature. The list contains the members of the Network Configuration Operators
group, as well as the members of the Administrators
group.
The question is: How does UAC know which accounts to display? In other words, where does Windows store the ACLs for features like "Local Connection" properties?
What exactly is your question? Windows is aware of which accounts have access the installation before. It wouldn't list any account that has not. – Ramhound – 2013-06-10T10:31:04.430
@Ramhound: That's exactly my question! How is Windows aware of that? There must be some sort of ACLs stored in each object to tell Windows whom it can allow to access that object. I'm asking: Where are the ACLs required to access the "Local Connection" properties stored? – M.S. Dousti – 2013-06-10T10:36:16.663
The information is contained in the registry Hive. The properties on a network connection is handled by a group policy. – Ramhound – 2013-06-10T10:41:23.497
@Ramhound: That's not informative. I know that it might be somewhere in the registry, but I don't know where to look exactly. Please be more specific. – M.S. Dousti – 2013-06-10T10:45:04.723
Every user who has logged into a system has a profile created. You don't explain what your trying to do exactly. You asked what handles the security of the property of a network connection and that would be a group policy. – Ramhound – 2013-06-10T10:59:41.040
@Ramhound: Check, for instance, the permissions of the registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp\Configuration
. Notice that theNetwork Configuration Operators
group has "Full Control" to this key. It's likely that the applet tries to access this key, and therefore the UAC displays a user with relevant credentials. – M.S. Dousti – 2013-06-10T11:13:12.447The question is ambiguous. Do you want to know every step of the authorization process between GP, LP, users, groups, network settings, UAC etc and their interaction? That would be a long post... – Austin T French – 2013-06-10T11:31:17.253
1@SadeqDousti -
Network Configuration Operators
is a default group so any user assigned to that group would be displayed. – Ramhound – 2013-06-10T11:41:12.313