pseymour
commented
9 months ago Yes, that looks correct if "Remove Admin Rights On Logout" is not set.
Open MichalisDBA opened 9 months ago
pseymour
commented
9 months ago Yes, that looks correct if "Remove Admin Rights On Logout" is not set.
MichalisDBA
commented
9 months ago I wanted to point out that although you press Remove My Administrator Rights you still have them unless you logoff and logon again. This defies the purpose to become a normal user when you press this button.
chris18890
commented
9 months ago As I understand it, this is not a problem with Make Me Admin specifically, but due to how Windows handles user rights & group memberships. The user token is constructed at logon when group membership is checked, and remains the same for that logon session. It's why when adding a user to an Active Directory or Entra group the documentation always says to log off & on again, so that the token is refreshed with the new group membership :)
pseymour
commented
9 months ago Chris is exactly correct.
ludikris
commented
8 months ago it timed out for us ... no log in or out needed.. what I wanna know is if makemeadmin allows standard user to permanently add themselves with an elevated command prompt like this: net localgroup administrators /add username ultimately bypassing the need for makemeadmin once completed.? also.. how possible is it to incorporate totp passcodes into this?? i love this program :D
pseymour
commented
8 months ago @ludikris Yes, it does. You're allowing the user to gain administrative rights. They can do anything an administrator can do.
Hello.
I attach a screen record for better explanation.
Tha problem is that when you press Remove my Admin rights, you are still having admin rights until you logoff and logon again or reboot the computer.
https://github.com/pseymour/MakeMeAdmin/assets/68512501/59b83cb2-71ed-48b3-a90a-5d7a4b466e4a