# Administrator Account does not have full privileges



## Mulderator (Feb 20, 1999)

Ok--this is a new computer (laptop) with 7 Pro. The Administrator account has full privileges, but if I try to create a new account with administrator privileges, it does not have the full privileges--i.e., its a though its a more limited account even though it says its an administrator account. I have checked and there does not seem to be any fix for this except reinstalling windows--although this computer just came with OEM and I don't have a CD. Anyone know another way to correct it?


----------



## parttimetechie (Jun 19, 2009)

Are you saying the account you are trying to create doesn't have admin privileges or the admin account you are using doesn't have the full set of privs?


----------



## Mulderator (Feb 20, 1999)

parttimetechie said:


> Are you saying the account you are trying to create doesn't have admin privileges or the admin account you are using doesn't have the full set of privs?


Not sure what "full admin privleges" are, but what I am saying is the account definitely has some admin privileges (for example I can install software)--it just has some restrictions. For example, if I right click on a shortcut, there is a "Run as Administrator" choice--that shouldn't be there if the account has full administration rights.


----------



## parttimetechie (Jun 19, 2009)

What is your User Account Controls set at? Do you get a pop up box and a dimming of the desktop? That would explain the "run as admin" in the shortcut window.


----------



## bbearren (Jul 14, 2006)

Mulderator said:


> Not sure what "full admin privleges" are, but what I am saying is the account definitely has some admin privileges (for example I can install software)--it just has some restrictions. For example, if I right click on a shortcut, there is a "Run as Administrator" choice--that shouldn't be there if the account has full administration rights.


"Run as Administrator" will be there on the right-click menu regardless of account level.

"Full Administrator Privileges" are those available to the Windows default Administrator account (which is disabled by default). Members of the Administrators Group have *most* of those privileges, but not *all*.


----------



## Mulderator (Feb 20, 1999)

bbearren said:


> "Run as Administrator" will be there on the right-click menu regardless of account level.
> 
> "Full Administrator Privileges" are those available to the Windows default Administrator account (which is disabled by default). Members of the Administrators Group have *most* of those privileges, but not *all*.


Is that new to Wiindows 7? Because I always had full administrator rights for any account I created as an administrator account. Anyway--here is an example of changing a shortcut for skype (see screen shot). Interestingly--it still allows me to make the change, but gives me the warning message:


----------



## parttimetechie (Jun 19, 2009)

That is the UAC I talked about earlier. Bb is right, the Admin account is a default account, the created admin accounts have most, but not all of the privs. Standard users have even less privs


----------



## Mulderator (Feb 20, 1999)

parttimetechie said:


> That is the UAC I talked about earlier. Bb is right, the Admin account is a default account, the created admin accounts have most, but not all of the privs. Standard users have even less privs


So what is the point of that? Seems not to make sense to prevent me from giving my main account complete administrator privileges. Does this mean I have to log out and log back in as administrator to do certain things? The reason this came up was I was trying to create a "dot" file in word and save it in a folder in the office subfolder (forget which folder now) and it wouldn't let me save it--told me I needed administrator rights. So do I now have to log out and log back in as administrator to do that? Because if so, I don't get the point of that--is there any way around it?


----------



## parttimetechie (Jun 19, 2009)

When it blocks you and wants admin rights, and you click yes, you should have to put in the admin password. I'll ask again, what is your User Access Control settings set at? That might make all the difference. And the point is so that viruses can't make changes to your system without your permission. I turned my UAC off, and have no problems as a normal admin account.


----------



## TerryNet (Mar 23, 2005)

The point of the UAC is that Microsoft apparently decided to put some Unix/Linux type security into Vista and Windows 7. The theory is that when malware tries to run a program or make a "system" change you will be sufficiently alert to *not *click on 'Continue.'


----------



## OVERLORDCHAOS (Apr 8, 2011)

the complete administrator priviledges (in other words the administrator account was created as a debug option since its a "god" account. UAC will never ask you anything, you can change all as in xp and never be prompted for admin priviledges, ru virus and UAC will never notice about it or the microsoft security essentials etc) in other words, its almoust like be a microsoft programmer changing the source code of windows (compared to the normal administrator group accounts).
basically, you are a normal user with elevated permissions.
its like if your dad where the owner of pepsi. you have permission to take all the bottles you want to drink. but you cannot sell the company fired anyone or destroy some machine. the "provide administrator priviledge" would be like ask you dad to fire someone and that he calls to the boss and make him fired.
in other plain words, you are a normal user with minor administrator permissions on windows 7.
if you disable UAC many old programs will go insane. from raging anger screaming at you that you are not an administrator stop tryng hacking the system, from stupid errors like do all the setup (installing a program) just to find out that copied all the files but no registry key. or all the registry keys and no files. etc.
if you use the built in administrator account (i know how to enable it) you are at risk.
i once used the admin account and in 3 months a virus deleted my MBR and partition table from my DOCUMENTS hard disk (in one disk the os and programs in the other all my documents so i dont need to do a backup. a clean install every time i need to do it free of backups).
the UAC its like a tiny slave of microsoft inside the pc that makes sure you wanna run a program.
from the calculator to office etc. and stops the evil viruses and other malware from destroy the pc.


----------



## parttimetechie (Jun 19, 2009)

That is a most interesting explanation..I got lost about half way through. I turned UAC off and have no problems, but then again I keep a tight lid on my system.


----------



## OVERLORDCHAOS (Apr 8, 2011)

ok as you wish.
but its like play russian roullette or sex without a condom.
you are risking your os life for nothing.


----------



## TerryNet (Mar 23, 2005)

Let's not get too over-dramatic.  I think the UAC is a good addition, but disabling it simply gives you security-wise an XP system. I've had at least one XP system for 8 1/2 years and have yet to get a serious infection.


----------



## Mulderator (Feb 20, 1999)

Okay--the issue with viruses makes sense as to the securities--thanks for that information. 

So I "unhid" my administrator account so I could login as that if I wanted to. Should I hide it again? In other words if that shows up as an option in the original login screen, is that a security issue? 

As an aside, I am VERY IMPRESSED with Windows 7 (using 32 bit, professional). I am most amazed at how it recognizes my IoBox server and I can control it directly from my laptop.


----------



## lunarlander (Sep 22, 2007)

Hi parttimetechie,

Do not turn off UAC, doing so will also turn off Internet Explorer's Protected Mode.


----------



## bbearren (Jul 14, 2006)

Mulderator said:


> Okay--the issue with viruses makes sense as to the securities--thanks for that information.
> 
> So I "unhid" my administrator account so I could login as that if I wanted to. Should I hide it again? In other words if that shows up as an option in the original login screen, is that a security issue?
> 
> As an aside, I am VERY IMPRESSED with Windows 7 (using 32 bit, professional). I am most amazed at how it recognizes my IoBox server and I can control it directly from my laptop.


It is best to give the default Administrator account a password, then disable it.


----------



## parttimetechie (Jun 19, 2009)

lunarlander said:


> Hi parttimetechie,
> 
> Do not turn off UAC, doing so will also turn off Internet Explorer's Protected Mode.


Since I don't use IE unless I absolutely have to, that is no factor for me


----------



## OVERLORDCHAOS (Apr 8, 2011)

ok without going dramatic, its a mistake turn off UAC.
i can teach you how to turn on UAC and get rid of the annoyng blacked desktop. (it would be just a normal pop up like the ones that rarely could come out on xp when you tried to run some installer)
run the group policy editor (from run command gpedit.msc)
computer configurations > windows configurations > security configurations > local policies > security options > User Account Control: Switch to the secure desktop when you are prompted for elevation (disable it)
UAC will be just another non annoyng pop up. with the same powers but without black out the desktop as if you where turning off the pc as in 2k/xp. also you can choose from the 4 levels of UAC the 2 one. warn you without diming the desktop. or with the option i just give (if what you hated was the diming of the desktop) put at maximum level.
if the internet explorer 8 - 9 loose the protected mode is kinda IE8 on xp. a virus could leak from IE and destroy your pc. even if its just a program that sends you to some page, and in the mean while a virus leaks into the system.


----------



## parttimetechie (Jun 19, 2009)

How is it a mistake exactly? I've had UAC off since I built my PC, and no problems at al.


----------



## zigzag3143 (May 31, 2009)

parttimetechie said:


> How is it a mistake exactly? I've had UAC off since I built my PC, and no problems at al.


I agree, UAC is a PITA and I dont use it. I have had no problems and zero infections. In terms of IE mode. I dont use IE so I could care less.


----------



## TerryNet (Mar 23, 2005)

I think that we have made it pretty clear what the pros and cons of using or not using UAC are. There may be more technical aspects to discuss, but we don't want to want to turn this into a debate or poll on using it or on what browser to use.


----------



## parttimetechie (Jun 19, 2009)

I don't want to debate it either, I would just like to know what some perceive as risks. Since I don't use UAC I'm unaware of risks in my system, and if I felt justified, I might turn UAC back on.


----------



## OVERLORDCHAOS (Apr 8, 2011)

im about to delete my account and start using admin.
my account its damaged.
first starts without wallpaper.
then the taskbar appears without transparency.
then the icons.
then the wallpaper and the transparency but no start button. (the windows ball)
then appears and starts very slowly loading services and startup programs.
on admin account that does not happens.


----------



## TerryNet (Mar 23, 2005)

Did you mean to start a new thread, OVERLORDCHAOS? If so, I can move it for you. If not, I do not understand how it relates to Mulderator's issues.


----------



## OVERLORDCHAOS (Apr 8, 2011)

lol no. i just expressed myself wrong.
i was tryng to explain that a normal account with administrator priviledges its not the same as the administrator account.
i deleted my account. in part was jamming the os because i just check on computer properties where the user profiles are saved and my profile was holding 2,38 GBS!!! i just installed windows 7 like 3 days ago!!!
apparently the best option its use the admin account but also more insecure.
(even if you turn on UAC to maximum the pop up does not appear. all runs with admin priviledges.)


----------

