Out for the weekend, hunting!
Experts, maybe someone would like to verify and analyse this strange behavior (seen on win7/8.x/10, UAC on):
--
You will be able to reproduce this on any win10 or win8.1 system, most probably also on win7, but I have only tested those two.
1 open secpol.msc, and grant the privilege "change the system time" to user "testuser"
2 login as testuser and try to change the time - works. Logoff.
3 add testuser to another privileged local group, for example "network configuration operators"
4 login as testuser, try to change the time... Access is denied.
Strange, isn't it? But as with all bugs in security matters, we need to analyze it. The same happens if in step 3 we use the group "power users". It does not happen for any other local groups, though, just these two.
--
(posted the same on technet, no one helpful over there)
Our community of experts have been thoroughly vetted for their expertise and industry experience.
The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.