{"id":208689,"date":"2024-01-18T11:10:01","date_gmt":"2024-01-18T11:10:01","guid":{"rendered":"https:\/\/www.ninjaone.com\/script-hub\/konfigurera-uac-installningar-windows-powershell\/"},"modified":"2024-03-05T11:32:45","modified_gmt":"2024-03-05T11:32:45","slug":"konfigurera-uac-installningar-windows-powershell","status":"publish","type":"script_hub","link":"https:\/\/www.ninjaone.com\/sv\/script-hub\/konfigurera-uac-installningar-windows-powershell\/","title":{"rendered":"S\u00e5 h\u00e4r konfigurerar du UAC-inst\u00e4llningar f\u00f6r Windows (PowerShell-skript)"},"content":{"rendered":"

User Account Control (UAC)<\/a> \u00e4r en viktig s\u00e4kerhetsfunktion i Windows operativsystem. Den fungerar som en grindvakt och f\u00f6rhindrar obeh\u00f6riga \u00e4ndringar p\u00e5 datorn. UAC fungerar genom att definiera olika niv\u00e5er av anv\u00e4ndarr\u00e4ttigheter, fr\u00e5n att alltid meddela om \u00e4ndringar till att aldrig meddela. Genom att f\u00f6rst\u00e5 dessa niv\u00e5er och hur de p\u00e5verkar anv\u00e4ndarbeh\u00f6righeter kan IT-personal b\u00e4ttre s\u00e4kra sina system.<\/p>\n

Bakgrund<\/h2>\n

UAC introducerades med Windows Vista och har varit en h\u00f6rnsten i Windows s\u00e4kerhet. N\u00e4r vissa \u00e4ndringar g\u00f6rs ber UAC anv\u00e4ndaren om tillst\u00e5nd eller ett administrat\u00f6rsl\u00f6senord innan uppgiften till\u00e5ts forts\u00e4tta. Detta skript, som \u00e4r skr\u00e4ddarsytt f\u00f6r Windows 7 och Windows Server 2012 och fram\u00e5t, erbjuder ett s\u00e4tt att programmatiskt konfigurera dessa UAC-inst\u00e4llningar<\/strong>.<\/p>\n

Manus<\/h2>\n
#Requires -Version 2.0\r\n\r\n<#\r\n.SYNOPSIS\r\n    Configures UAC.\r\n.DESCRIPTION\r\n    Configures UAC to defaults if no parameters are specified.\r\n.EXAMPLE\r\n    No parameters needed.\r\n    Sets all UAC settings to Microsoft's defaults.\r\n.EXAMPLE\r\n     -ConsentPromptBehaviorAdmin 5\r\n    Sets ConsentPromptBehaviorAdmin to 5\r\n.EXAMPLE\r\n    PS C:> Set-Uac.ps1\r\n    Sets all UAC settings to MS defaults.\r\n.OUTPUTS\r\n    None\r\n.NOTES\r\n    Minimum OS Architecture Supported: Windows 7, Windows Server 2012\r\n    This script will show before and after UAC settings.\r\n    Release Notes:\r\n    Initial Release\r\nBy using this script, you indicate your acceptance of the following legal terms as well as our Terms of Use at https:\/\/www.ninjaone.com\/terms-of-use.\r\n    Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms. \r\n    Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party. \r\n    Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library or website belonging to or under the control of any other software provider. \r\n    Warranty Disclaimer: The script is provided \u201cas is\u201d and \u201cas available\u201d, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations. \r\n    Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks. \r\n    Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script. \r\n    EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).\r\n.COMPONENT\r\n    LocalUserAccountManagement\r\n#>\r\n\r\n[CmdletBinding()]\r\nparam (\r\n    [Parameter()][ValidateRange(0, 5)][int]$ConsentPromptBehaviorAdmin = 5,\r\n    [Parameter()][ValidateRange(0, 3)][int]$ConsentPromptBehaviorUser = 3,\r\n    [Parameter()][ValidateRange(0, 1)][int]$EnableInstallerDetection = 1,\r\n    [Parameter()][ValidateRange(0, 1)][int]$EnableLUA = 1,\r\n    [Parameter()][ValidateRange(0, 1)][int]$EnableVirtualization = 1,\r\n    [Parameter()][ValidateRange(0, 1)][int]$PromptOnSecureDesktop = 1,\r\n    [Parameter()][ValidateRange(0, 1)][int]$ValidateAdminCodeSignatures = 0,\r\n    [Parameter()][ValidateRange(0, 1)][int]$FilterAdministratorToken = 0\r\n)\r\n\r\nbegin {\r\n    function Test-IsElevated {\r\n        $id = [System.Security.Principal.WindowsIdentity]::GetCurrent()\r\n        $p = New-Object System.Security.Principal.WindowsPrincipal($id)\r\n        if ($p.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator))\r\n        { Write-Output $true }\r\n        else\r\n        { Write-Output $false }\r\n    }\r\n    function Set-ItemProp {\r\n        param (\r\n            $Path,\r\n            $Name,\r\n            $Value,\r\n            [ValidateSet(\"DWord\", \"QWord\", \"String\", \"ExpandedString\", \"Binary\", \"MultiString\", \"Unknown\")]\r\n            $PropertyType = \"DWord\"\r\n        )\r\n        if ((Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue)) {\r\n            Set-ItemProperty -Path $Path -Name $Name -Value $Value -Force -Confirm:$false | Out-Null\r\n        }\r\n        else {\r\n            New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType $PropertyType -Force -Confirm:$false | Out-Null\r\n        }\r\n    }\r\n}\r\nprocess {\r\n    if (-not (Test-IsElevated)) {\r\n        Write-Error -Message \"Access Denied. Please run with Administrator privileges.\"\r\n        exit 1\r\n    }\r\n    $path = \"HKLM:SOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem\"\r\n    $filter = \"ConsentPromptBehaviorAdmin|ConsentPromptBehaviorUser|EnableInstallerDetection|EnableLUA|EnableVirtualization|PromptOnSecureDesktop|ValidateAdminCodeSignatures|FilterAdministratorToken\"\r\n    Write-Host \"Before:\"\r\n    (Get-ItemProperty $path).psobject.properties | Where-Object { $_.name -match $filter } | Select-Object name, value\r\n\r\n    try {\r\n        $filter -split '|' | ForEach-Object {\r\n            Set-ItemProp -Path $Path -Name $_ -Value (Get-Variable -Name $_).Value\r\n        }\r\n    }\r\n    catch {\r\n        Write-Error $_\r\n        exit 1\r\n    }\r\n\r\n    Write-Host \"After:\"\r\n    (Get-ItemProperty $path).psobject.properties | Where-Object { $_.name -match $filter } | Select-Object name, value\r\n}\r\nend {}<\/pre>\n
 <\/p>\n\n
F\u00e5 tillg\u00e5ng till \u00f6ver 300 skript i NinjaOne Dojo<\/p>\n
F\u00e5 tillg\u00e5ng till<\/a><\/p>\n<\/div>\n
Potentiella anv\u00e4ndningsomr\u00e5den<\/h2>\n
T\u00e4nk dig ett scenario d\u00e4r ett f\u00f6retag distribuerar ny programvara som kr\u00e4ver specifika UAC-inst\u00e4llningar f\u00f6r optimal prestanda och s\u00e4kerhet. Ist\u00e4llet f\u00f6r att konfigurera varje dator manuellt kan IT-teamet anv\u00e4nda detta skript f\u00f6r att s\u00e4kerst\u00e4lla att varje maskin \u00e4r korrekt konfigurerad. F\u00f6r f\u00f6retag som m\u00e5ste f\u00f6lja strikta s\u00e4kerhetsf\u00f6reskrifter kan skriptet dessutom bidra till att s\u00e4kerst\u00e4lla efterlevnaden genom att standardisera UAC-inst\u00e4llningarna \u00f6ver hela linjen.<\/p>\n
Vanliga fr\u00e5gor<\/h2>\n
    \n
  • Vilka operativsystem st\u00f6der detta skript?
    \nSkriptet \u00e4r utformat f\u00f6r Windows 7, Windows Server 2012 och senare versioner.<\/li>\n
  • Vilka beh\u00f6righeter kr\u00e4vs f\u00f6r att k\u00f6ra skriptet?
    \nSkriptet m\u00e5ste k\u00f6ras med administrat\u00f6rsbeh\u00f6righet.<\/li>\n
  • Finns det n\u00e5gra risker med att anv\u00e4nda detta l\u00e4kemedel?
    \nSom med alla skript som \u00e4ndrar systeminst\u00e4llningar finns det risk f\u00f6r oavsiktliga konsekvenser. S\u00e4kerhetskopiera och testa alltid f\u00f6re allm\u00e4n drifts\u00e4ttning.<\/li>\n<\/ul>\n
    Konsekvenser f\u00f6r s\u00e4kerheten<\/h2>\n
    UAC-inst\u00e4llningarna spelar en avg\u00f6rande roll f\u00f6r systems\u00e4kerheten. Felaktiga inst\u00e4llningar kan oavsiktligt ge skadlig kod klartecken att installeras eller k\u00f6ras utan anv\u00e4ndarens tillst\u00e5nd. Genom att automatisera konfigurationsprocessen minskar skriptet risken f\u00f6r m\u00e4nskliga misstag, men understryker samtidigt vikten av att f\u00f6rst\u00e5 konsekvenserna av varje inst\u00e4llning.<\/p>\n
    Rekommendationer<\/h2>\n
      \n
    • S\u00e4kerhetskopiera alltid registret innan du g\u00f6r \u00e4ndringar f\u00f6r att skydda dig mot eventuella problem.<\/li>\n
    • Testa skriptet p\u00e5 en enda maskin eller i en kontrollerad milj\u00f6 innan du distribuerar det i hela n\u00e4tverket.<\/li>\n
    • H\u00e5ll dig uppdaterad om b\u00e4sta praxis f\u00f6r UAC-inst\u00e4llningar f\u00f6r att s\u00e4kerst\u00e4lla optimal s\u00e4kerhet.<\/li>\n<\/ul>\n
      Avslutande tankar<\/h2>\n
      I det st\u00e4ndigt f\u00f6r\u00e4nderliga IT-s\u00e4kerhetslandskapet \u00e4r verktyg som detta UAC-konfigurationsskript ov\u00e4rderliga. Genom att f\u00f6rst\u00e5 och utnyttja s\u00e5dana verktyg kan IT-personal skapa en s\u00e4krare och effektivare milj\u00f6 f\u00f6r sina anv\u00e4ndare.<\/p>\n","protected":false},"author":35,"featured_media":207143,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","_lmt_disableupdate":"no","_lmt_disable":""},"operating_system":[4212],"use_cases":[4255],"class_list":["post-208689","script_hub","type-script_hub","status-publish","has-post-thumbnail","hentry","script_hub_category-windows"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/script_hub\/208689","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/script_hub"}],"about":[{"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/types\/script_hub"}],"author":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/users\/35"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/comments?post=208689"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/media\/207143"}],"wp:attachment":[{"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/media?parent=208689"}],"wp:term":[{"taxonomy":"script_hub_category","embeddable":true,"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/operating_system?post=208689"},{"taxonomy":"use_cases","embeddable":true,"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/use_cases?post=208689"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}