Step 3: Differentiating security levels

I find it very valuable when I am running apps with multiple security contexts on one desktop to be able to easily tell them apart. I don't want to accidentally use something running in the command shell running as admin if I didn't specifically want to run it as admin.

cmd.exe /t:fc /k cd c: && title ***** Admin console *****

In this example, this shows you how you to use command line options to visually differentiate a command shell. The /t will change the color, /k says run these commands then don't close when you are done running them.

I like to change the title and the color and also change out of System32, I prefer to run out of a different location, for instance the home directory in the C:. The C: is a little less dangerous, it seems to me than System32.

For Explorer and Internet Explorer you can specify a background bitmap that appears over the toolbars menu.

The easiest way to do that is to download and run TweakUI (see resources) and go to IE options and choose a bitmap. Above is the Explorer running as Admin bitmap that I like to use. That way, whenever you are running Explorer or IE with the admin account, this background bitmap appears and you can easily tell it is running as Admin.

Elevating privileges for administrators

 Home: Introduction
 Step 1: RunAs dialog
 Step 2: RunAs command line
 Step 3: Differentiating security levels
 Step 4: MakeMeAdmin
 Step 5: Caveats
 Step 6: Resources

Aaron Margosis is a Senior Consultant with Microsoft Consulting Services, focusing on US Federal government customers. He specializes in application development on Microsoft platforms and products with an emphasis on application and platform security. Aaron has blogged extensively about how to run Windows as a non-admin, and created the popular MakeMeAdmin and PrivBar utilities. Aaron holds Bachelors and Masters Degrees from the University of Virginia, and calls Arlington, VA, home.
Copyright 2005 TechTarget

This was first published in April 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.