networking:misc:wireguard_01
This is an old revision of the document!
Setting WireGuard Client for non administrative accounts
To make the WireGuard windows app better (for non-admin users) you need to make your user(s) a member of the “Network Configuration Operators” group.
This allows you enable/disable (or choose if you have multiple) the VPN without needing to be a member of the Administrators group. You also need to add a line to the registry.
Here's the powershell code to do that:
New-ItemProperty "hklm:\software\wireguard" -Name "LimitedOperatorUI" -Value 1 -PropertyType "DWord" -Force
Or you can do it from command prompt:
> reg add HKLM\Software\WireGuard /v LimitedOperatorUI /t REG_DWORD /d 1 /f
When this key is set to DWORD(1), the UI will be launched on desktops of users belonging to the Network Configuration Operators builtin group (S-1-5-32-556), with the following limitations for members of that group:
- Configurations are stripped of all public, private, and pre-shared keys;
- No version update popup notifications are shown, and updates are not permitted, though a tab still indicates the availability;
- Adding, removing, editing, importing, or exporting configurations is forbidden; and
- Quitting the manager is forbidden.
Add-LocalGroupMember -Group "Network Configuration Operators" -Member "$username"
https://git.zx2c4.com/wireguard-windows/about/docs/adminregistry.md
networking/misc/wireguard_01.1640932054.txt.gz · Last modified: 2021/12/31 06:27 by rplecko