Right, UAC is triggered when a program requests administrator privileges. Such as Explorer, requesting administrator privileges, because that’s what the NTFS ACLs on those files and folders require.
You have four options I’m aware of.
Disable UAC on your servers.
- I do this anyway (in the general case), and would argue that if you need UAC on a server, you’re probably doing it wrong, because in general, only administrators should log onto servers, and they should know what they’re doing.
Manage the permissions from an elevated interface
PSwindow or Explorer instance all work for avoiding the UAC popup. (
Run As Administrator)
Manage the NTFS permissions remotely
- Connect over UNC from a machine that doesn’t have UAC turned on.
Create an additional non-administrative group that has full access in the NTFS ACLs to all the files and folders you want to manipulate, and assign your admins to it.
- The UAC popup won’t (shouldn’t) be triggered, because Explorer will no longer require Administrative privileges, as access to the files is granted through another, non-administrative group.