Microsoft recently released the document "Applying the Principle of Least Privilege to User Accounts on Windows XP" (at the URL below), which aims to help you implement least-privileged user accounts (LUAs) in your Windows XP environment. The LUA terminology has been in use for quite a while now. Even so, Microsoft apparently wanted a clearer phrase for the concept. Initially, LUA was renamed User Account Protection (UAP), and most recently, the company landed on User Account Control (UAC), which will be the terminology used from here on out.

http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/luawinxp.mspx

When Windows Vista makes its debut, native UAC will be built into the OS, so you won't have to jump through countless hoops trying to limit use of administrative privileges on your network. Vista will expose new UAC policies that let you better control user accounts.

When using Vista, you'll either be considered a standard user or an administrator with privileges and rights appropriate to those two general types of accounts. For example, there will be 14 different types of administrative consent that cover the usual tasks a person might need to perform.

In general, Vista will operate a bit more like Linux systems when it comes to administrative access. You'll operate on the desktop with least privileges, and your account will have a policy assigned to handle any need for elevation of privileges. Standard users will either be prompted for credentials (username and password) or denied elevated access outright, depending on the policy settings. Administrative accounts will have both those possibilities, plus a Prompt for Consent option. In the latter case, administrators would simply click Yes or No to elevated privileges instead of having to enter their credentials.

Application installation will be an issue for some users, depending on their particular network. Vista will let you control whether elevation takes place when required by an application. Microsoft said that in an enterprise network, such elevation probably won't be required when installation is delegated to Group Policy Software Install (GPSI) or Microsoft Systems Management Server (SMS).

Another policy will govern applications that require elevation of privileges. You'll be able to deny elevation if the applications don't have a valid digital signature. To help with legacy applications that don't adhere to Vista's new architecture, you'll also be able to redirect registry and file writing activity to safe areas on the system. In other words, applications that typically write to the HKEY_LOCAL_MACHINE\SOFTWARE registry subkey or the Program Files, Windows, or Windows\System32 directories will still be able to run, but any write I/O will be written to virtualized locations instead of those actual locations. So the applications will run correctly, but sensitive storage areas won't be overly exposed.

UAC will be a welcome change in Windows that will surely bring greater security. There will of course be the usual learning curve, so the sooner you get started understanding the ins and out, the better off you'll be when you begin to use the OS. You can catch glimpses of developing UAC functionality by reading Microsoft's UACBlog (at the URL below) on the Microsoft Developer Network (MSDN).

http://blogs.msdn.com/uac/default.aspx