Given the following situation: An Enterprise/Domain Admin is logged on to a W2k8 server and wants to access a folder, which has an ACE giving Enterprise/Domain Admins full access permissions on this folder and all of its content. Windows requests elevation for this operation and if one confirms, it adds an additional ACE giving the user full access permissions, too. In turn, if one uses a non-administrator account which also full access permissions on the very same folder, it just can access it without elevation prompt and any changes to the ACL.
How can I disable the former behaviour? This is extremely annoying as it changes the files requiring an extra backup operation for all files accessed by admins. Furthermore, it totally ruins the inheritance of ACLs in the file systems.
Any insights would be appreciated.
Best regards,
Christoph