UAC considerations for Windows environments


Windows User Account Control (UAC) is a security component of the Windows Server operating system that affects operations that require administrator authority.

TMTM attempts operations that require administrator privileges when it is installed to a protected area of the system. If UAC is enabled on your system in Admin Approval Mode and TMTM is installed to a protected area of the system, the operating system interacts with the application differently than if it was installed to a non-protected area of the system.

Examples of protected areas include c:\Program Files and c:\Program Files (x86). Installation to a protected area of the system with UAC enabled in Admin Approval Mode can cause unexpected behavior in TMTM. For this reason, TMTM must not be installed to a location that is a protected area of the system (select the Default Security Configuration).

When installing TMTM, the installation program must be executed explicitly as an Administrator, and not just as a user in the Administrators group. To do this, right-click on the file \Disk1\InstData\Windows\VM\install.exe and select Run As Administrator from the popup menu.

To summarize, if Windows UAC is enabled on your TMTM Server in Admin Approval Mode:

  • The installation program must be executed explicitly as an Administrator ("Run as Administrator").
  • TMTM must not be installed to a location that is a protected area of the system.

To determine if UAC is enabled in Admin Approval Mode, or what areas of your system are protected areas, contact your organization's Windows specialist and/or consult Microsoft documentation concerning User Account Control.

If TMTM is installed to a protected area, TMTM must be completely removed and re-installed, or the installation must be moved if removal and re-installation is not possible. Contact BMC Support if you need assistance.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*