If you have UAC enabled then it is not a good idea to run Directory Opus "as administrator" (i.e. "elevated").
You should run Opus at the standard level, as you would most other software, and instead use the built-in UAC support and Administrator Mode functionality to elevate individual commands or windows, as required.
If you have UAC turned off completely in Windows then this is not an issue. (Windows 8 / Windows 10: See the note below.) Similarly, if UAC is on but you are using an account which is not subject to it (typically the hidden built-in administrator account) then that is not an issue either. Opus works fine running as administrator if the rest of your desktop is also running as administrator, as is the case with UAC turned off and on earlier OS versions like Windows XP. Opus works just as well with UAC as without it. Problems will only occur if Opus is running at a higher elevation level than the rest of your desktop.
Note that Windows 8, Windows 10 and above no longer allow UAC to be turned off completely via the normal control panel. Instead, the lowest setting in the UAC control panel leaves UAC on but silently accepts all elevation requests. The lowest slider setting does not turn off UAC in newer versions of Windows; it just automatically clicks 'yes' to UAC prompts before they appear, so you may think you have UAC turned off but in reality it is still enabled.
The UAC security model prevents or limits interaction between elevated and non-elevated processes. As a consequence of this, if you run Opus elevated under UAC then:
- Double-click on desktop will not work at all.
- Explorer Replacement will not work correctly (if at all).
- Drag-and-drop between Opus and other programs may be blocked.
- Network shares (mapped drives) created as a non-elevated user may not be available
- Other programs launched from Opus will inherit administrator privileges.
There are also several programs which (due to registry/filesystem virtualization) will load and store their settings in different places when launched elevated. For example, you may launch a program elevated and change its configuration, then run it again without elevation and discover your configuration changes are not reflected.
If you have set Opus to "Run as Administrator" mode we recommend turning this option off.
Opus UAC Support
Opus supports UAC natively and will prompt for elevation when required to perform administrator actions, so the program itself does not need to be run with elevated permissions (more information).
Opus also has a unique Admin Mode -- unrelated to the general "Run as Administrator" setting provided by Windows -- which lets you perform multiple administrator actions with only one UAC prompt. Admin Mode is local to the Opus window you turn it on in and does not affect the rest of the program (more information).
(Note that when using an Admin Mode window, programs you launch via Opus buttons will usually be elevated. As a result you can still run into the last problem listed above within Admin Mode. The assumption is that if you launch a program on files while in Admin Mode then you want that program to have administrator access to the files. However, Opus's UAC Admin mode will not cause any of the other problems and you can toggle in and out of the mode without restarting the program or affecting any other windows.)
Quick test to see if Opus is running elevated
- Starting with Directory Opus 11.17, Opus will detect the elevation mode and indicate it in the titlebar.
Below, everything is normal:
Below, everything is also fine. "Administrator" indicates the individual window, but not the whole process, has been elevated using Opus's Admin Mode:
But if you see "ADMINISTRATOR" in all-caps, as below, then the whole process has been elevated and you may run into problems:
- On older versions of Opus, or if you wish to double-check:
To quickly test whether Opus is running normally or elevated, go to C:\Windows and try to create a new folder. If you are able to create a folder there without a UAC prompt then one of the following must be true:
- UAC is off completely. (That's OK.)
- UAC is on, but you have Windows set to automatically click 'yes' to UAC prompts. (That's OK, but means the test was inconclusive.)
- UAC is on, but you're using an account which is not subject to UAC. (That's OK, but rare. Typically, Windows is configured to exempt the hidden built-in administrator account from UAC, but you have to go out of your way to use it.)
- UAC is on, and the entire Opus process is elevated. (This is what can cause problems and should be avoided.)
- The Opus window you used was switched into Admin Mode. (Obviously, do the test without putting the lister into Admin Mode!)
- Your C:\Windows folder permissions are messed up. (That would make the test inconclusive and may cause issues with Windows generally, but is unrelated to Opus.)
In newer versions of Windows, you can also check using Task Manager. This gives a more definitive answer, even if UAC is enabled but set to silently click 'yes' in all prompts. Open Task Manager, go to the Details tab, then right-click the header at the top of the list and click Select Columns. Add the Elevated column and see what it says for dopus.exe and explorer.exe:
Both should say No in the Elevated column.
How to turn off "Run as Administrator"
To turn off the "Run as Administrator" option, right-click on the Opus program shortcut and choose Properties.
On the Compatibility tab, make sure the "Run this program as an administrator" option is also off.
While looking at the Compatibility tab, also verify that Opus is not set to run with compatibility mode for an older version of Windows.
On the Shortcut tab, click the Advanced button, and make sure the "Run as administrator" option is off.
Finally, and if appropriate, make sure the thing you launch Opus from is not itself running as administrator. Anything launched by an admin process will inherit the admin elevation, unless the launching process goes out of its way to prevent it (and very few do).