Shim to bypass code sign verification under UAC
Hi team, I do a lot of packaging for my company, and recently we have restructured our environment/AD to use the delegation model. That being said, a lot of applications that were getting away due to the laxed AD security we had in the legacy environment are now being flagged because some of the applications are not digitally signed. Now I have shimmed some of them to get around the UAC restrictions with the "RunasInvoker" shim, but that only addresses elevation for admin perms. However, there is still the issue of those that are not digitally signed so when they are launched, they get the "referral was returned from the server" error. I know I can change the value of the ValidateAdminCodeSignatures reg key to 0 to get by the issue, but GPO resets it back. I am hoping there is a shim setting that can address that.
Answers (0)
Be the first to answer this question