Patrick S. Seymour
Patrick S. Seymour
What about it? Did you try it without configuring any settings like I mentioned?
[link to branch for this issue](https://github.com/pseymour/MakeMeAdmin/tree/log-elevated-processes)
Yep, I am aware of the drawbacks of using WMI, but thank you for making sure. The sysmon idea is interesting and something I had not thought of. I need...
I've been having pretty good luck with Event Tracing for Windows (ETW). It doesn't gobble up RAM or CPU. I've ditched all of the WMI code in my local repo,...
@martshep Can you play with the code that I just checked in? I'm pretty happy with the performance gains from using ETW rather than WMI. I'm not set on what...
They don't exist unless you make them. Of course, using the Group Policy templates would create the keys under Policies for you.
The default setting for removing admin rights when the user logs off is false, meaning rights will not be removed. Admittedly this is the less secure option, but that is...
The code that's in master branch now requires .NET 4.8.
It looks like your Allowed Entities registry value is a REG_SZ value.
Yes, that looks correct if "Remove Admin Rights On Logout" is not set.