Windows 10 October 2018 Update rollout now paused


  1. Posts : 4,666
    Windows 10 Pro x64 21H1 Build 19043.1151 (Branch: Release Preview)
       #2130

    If this development keeps going in this direction, soon also Windows Server will become a freaking Toy for Ninja Cats with Taco Hats. Unless it has already become that...I would not know since I have no need for a heavy Windows Server, when a lightweight Linux server works much better.
      My Computers


  2. Posts : 3,453
       #2131

    slicendice said:
    If this development keeps going in this direction, soon also Windows Server will become a freaking Toy for Ninja Cats with Taco Hats. Unless it has already become that...I would not know since I have no need for a heavy Windows Server, when a lightweight Linux server works much better.
    Yup, well said T - and yes Admin is a backdoor... MS should close that.
      My Computer


  3. Posts : 69
    Windows 11 Pro 64bit
       #2132

    VBF said:
    Good question! I'd like to know that, too.
    Well, it is actually recommended to use Windows with a User account and type the admin password when needed (as in Linux). If you want it exactly like in Linux with sudo as root you should activate the default inactivated Local Administrator account, assign that a password and type that password when asked for admin tasks. That local account belong to group 'Adminstrator' (not the same as 'Administrators' with an 's') and has higher privileges than 'Administrators' (with an 's').

    I am too lazy myself so I run my daily tasks belonging to 'Adminstrators' even though I know I ought to be a 'User'.

    The TrustedInstaller account is the super admin account of Windows. Why we have it can be debated but I guess it's because MS knows that most people run as Administrators and still want to keep certain things private.

    If you need to change things in the registry (for instance RuntimeBroker) I have todays tip for you:

    - Temporary change owner to 'Adminstrators' of a key, click 'change owner for all subkeys' and 'Apply'
    - Then give Adminstrators full access to all keys, click 'Apply'
    - Last, change back ownership to 'NT SERVICE\TrustedInstaller'. Important step actually which most people don't care about. Certain keys MUST be owned by TrustedInstaller and not Administrators.
      My Computers


  4. Posts : 4,666
    Windows 10 Pro x64 21H1 Build 19043.1151 (Branch: Release Preview)
       #2133

    Superfly said:
    Yup, well said T - and yes Admin is a backdoor... MS should close that.
    Not completely close it, but make it so it can only be activated locally and only by physically being present on the computer.

    Windows and its tools is an administration nightmare. Linux administration is easy and simple, yet secure. Why does MS over complicate things so much? They should start from scratch and add optional compatibility layers for backwards compatibility for those who needs it.

    Windows is cool, but sometimes I feel like tossing the crap out through the window and use something else.
      My Computers


  5. Posts : 4,666
    Windows 10 Pro x64 21H1 Build 19043.1151 (Branch: Release Preview)
       #2134

    Fredrik said:
    Well, it is actually recommended to use Windows with a User account and type the admin password when needed (as in Linux). If you want it exactly like in Linux with sudo as root you should activate the default inactivated Local Administrator account, assign that a password and type that password when asked for admin tasks. That local account belong to group 'Adminstrator' (not the same as 'Administrators' with an 's') and has higher privileges than 'Administrators' (with an 's').

    I am too lazy myself so I run my daily tasks belonging to 'Adminstrators' even though I know I ought to be a 'User'.

    The TrustedInstaller account is the super admin account of Windows. Why we have it can be debated but I guess it's because MS knows that most people run as Administrators and still want to keep certain things private.

    If you need to change things in the registry (for instance RuntimeBroker) I have todays tip for you:

    - Temporary change owner to 'Adminstrators' of a key, click 'change owner for all subkeys' and 'Apply'
    - Then give Adminstrators full access to all keys, click 'Apply'
    - Last, change back ownership to 'NT SERVICE\TrustedInstaller'. Important step actually which most people don't care about. Certain keys MUST be owned by TrustedInstaller and not Administrators.
    That's the thing, the whole thinking logic should be changed by MS. The built in Admin account can't do squat by default.

    I have litterally changed permissions for thousands of keys in order to make Windows decent and a new upgrade resets all that, and I have to start all over.

    A simple service modification requires me to change permissions in the registry in multiple places, just so that I can change the behavior. Makes no sense.

    One solution would be to give ownership to Administrator for the full registry, but the editor would most likely crash before all permissions are set.
      My Computers


  6. Posts : 3,453
       #2135

    slicendice said:
    Not completely close it, but make it so it can only be activated locally and only by physically being present on the computer.

    Windows and its tools is an administration nightmare. Linux administration is easy and simple, yet secure. Why does MS over complicate things so much? They should start from scratch and add optional compatibility layers for backwards compatibility for those who needs it.

    Windows is cool, but sometimes I feel like tossing the crap out through the window and use something else.
    LOL.. I'm not sure it's so cool tho'... really not feeling the luv... :)
      My Computer


  7. Posts : 4,666
    Windows 10 Pro x64 21H1 Build 19043.1151 (Branch: Release Preview)
       #2136

    Superfly said:
    LOL.. I'm not sure it's so cool tho'... really not feeling the luv... :)
    Lol, I see the potential of cool, but that is pretty much it.
      My Computers


  8. Posts : 69
    Windows 11 Pro 64bit
       #2137

    slicendice said:
    That's the thing, the whole thinking logic should be changed by MS. The built in Admin account can't do squat by default.

    I have litterally changed permissions for thousands of keys in order to make Windows decent and a new upgrade resets all that, and I have to start all over.

    A simple service modification requires me to change permissions in the registry in multiple places, just so that I can change the behavior. Makes no sense.

    One solution would be to give ownership to Administrator for the full registry, but the editor would most likely crash before all permissions are set.
    I agree. You can, as suggested previous in this thread, use ExecTI to make changes in the registry as TrustedInstaller.
      My Computers


  9. Posts : 4,666
    Windows 10 Pro x64 21H1 Build 19043.1151 (Branch: Release Preview)
       #2138

    Fredrik said:
    I agree. You can, as suggested previous in this thread, use ExecTI to make changes in the registry as TrustedInstaller.
    Yes, there are always work arounds, but using 3rd-party tools to solve simple problem makes absolutely no sense either.
      My Computers


  10. VBF
    Posts : 602
    Win 10 Pro
       #2139

    Fredrik said:
    About the other 10016 events, mostly RuntimeBroker and Immersive Shell I don't think MS will correct since it's normally non-Microsoft applications (like Google Chrome) that triggers them.
    Yes that certainly seems to be the case on my systems. I use Chrome a lot and there seems to be a correlation.
    Your earlier suggestion: setting Local Activation for 'Users' is interesting too.
      My Computers


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 19:01.
Find Us




Windows 10 Forums