It appears that if a user is running the 7.6 agent and is an Administrator on their PC then during a Desktop Sharing session the remote user cannot control the SMA interface on the Host computer when control is passed.
A banner message appears stating ‘other people can’t control applications that require admin privileges’
Other people can’t control applications that require admin privileges
This is caused by security of the operating system and user access control. In order to show the icon the process has to have certain privileges, specifically the same integrity level as Windows Explorer. If Explorer has "High Integrity Level" then SMA UI process has to have High level as well, if Explorer has Medium then SMA UI process has to have Medium or High. Process with lower integrity level does not have access to higher integrity level process, that's a security feature introduced in Vista along with UAC. Explorer has High level at least on server OS where UAC is off.
Additionally this problem was not seen in earlier versions of ITMS. For 7.6, security features were added to the product causing this problem to be noticeable.
This was not a problem in 7.5 because agent's UI in 7.5 was running in a context of the logged on user but without any UAC elevation. This means UI did not have admin privileges when you're logged in as the administrator and UAC is on, this caused other functionality to not work if UAC is on. Now the 7.6 UI is running in context of the elevated admin.
This issue has been reported to the Symantec Development team. A fix will be available in a later release (current ETA is ITMS 8.0).
For whatever software is applicable, the user will have to launch the program as administrator.
For WebEx: Internet Explorer on the host machine should be started "as administrator" prior to running WebEx session there. That solves the problem - IE gets High Integrity level and WebEx process atmgr.exe also gets High integrity level and it can access SMA UI, regedit UI and any other app UI.
For Skype. Skype for Business should be also started "as administrator", this leads to lunx.exe running with "High Integrity level" and ability to control any app UI.
A pointfix for ITMS 7.6 HF5 is available. See attached "Pointfix_eTrack3885600_SMP_7.6_HF5.zip"
Installed SMP 7.6 HF5
HOW TO INSTALL THIS POINTFIX:
Note: will this value set to default if the agent is upgraded or reinstalled?
No, the value is never changed by the agent, if it is set, it will not be touched by agent, upgrade or reinstall.
But if you uninstall agent then the whole registry key will be gone and value will be lost.
HOW TO UNINSTALL: