Knowledge Base > Automation Engine and Target Systems > Windows > User Account Control in Windows 2008 and Vista

User Account Control in Windows 2008 and Vista

If you intend to open programs via AE jobs that require "Elevation" (a higher authorization), you can do so by selecting the option log on as batch userIn the Automation Engine, a user is an instance of a User object, and generally the user is a specific person who works with Automic products. The User object is assigned a user ID and then a set of access rights to various parts of the Automation Engine system and product suite. These access rights come in the form of Automation Engine authorizations and privileges, Decision user roles and EventBase rights and ARA web application object rights. You can manage all these centrally in the ECC user management functions. See also, Unified user management..

No automatic elevation is possible if the batch mode is not activated. The Windows user under which the Job is executed requires the right to log on as batch jobAn Automation Engine object type for a process that runs on a target system. (System Control - Administration - Local Security Policy).

The relevant Job will automatically be elevated if it requires more authorization. Therefore, the user who is specified in the Login objectAutomation Engine controlled activities and processes are structured in the form of objects. See also: Task must have the required authorizations. Note that all processes of the affected AE Job will be executed with these rights. If the relevant user does not have one or several of the required rights, the agentA program that enables the de-centralized execution of processes (such as deployments) on target systems (computers or business solutions) or a service that provides connectivity to a target system (such as for databases or middleware). An agent is also an object type in the Automation Engine. [Formerly called "Executor."] See also: host cannot execute all processes. Windows then aborts with the error 740 (elevation required).

On Windows 2012 you should also change the relevant entries in the registry. It is not sufficient to change the UAC privilegesPrivileges in the Automation Engine refer to user rights to work with certain frontend and user interface functions. You grant privileges to users in the Automation Engine. by using the control panel in Windows 2012.
For further details please refer to and observe Microsoft's information on registry setting changes.
Follow this link to Microsoft's own site for information on the registry settings, find the description of the key "EnableLUA" and set it to "0".

Comment

The Windows-UAC displays a message asking users to confirm execution of functions and programs, according to permissions that have been set for the respective user.

This behavior cannot be controlled via the Automation EngineThis component drives an Automation Engine system and consists of different types of server processes.. You should set the relevant permissions according to the notes on installation in the Automation Engine documentation relevant to Agents, Jobs, etc.

 


Automic Documentation - Tutorials - Automic Blog - Resources - Training & Services - Automic YouTube Channel - Download Center - Support

Copyright © 2016 Automic Software GmbH