Unify the management of the UAC control hierarchy through Domain security policy.
In an enterprise, there is a lot of clients .
Generally speaking; a system administrator should manage at least tens of clients, even amount to hundreds of ones. Obviously, it would be a real chore without challenging, if the UAC of the clients required adjusting one by one .According to my test, the UAC can be used in conjunction with GPO (group policy object) or domain security policy, that is to say, the control level can be set in domain controller or group levels. When the clients join in the domain or the Group, this level will be inherited. So, there is no need to set the UAC control level in each of clients. To be honest, Microsoft works pretty well in this respect. Although the structure and management of Microsoft domain is complex, the function is comparatively strong. And the domain context is always necessary to make some applications of advanced features more flexible. At least, this domain context can provide a platform to manage the clients intensively.