Our thinking


Allow non-admin users to use WireGuard on Windows

It’s frustrating that out of the box WireGuard only allows admin users to open the main WireGuard window. The error you receive says “WireGuard may only be used by users who are a member of the Builtin Administrators group”

Fortunately there is a way to fix this.

You need to create a registry key first, under HKEY_LOCAL_MACHINE/SOFTWARE/Wireguard

The Wireguard entry likely does not already exist under HKLM/Software (it’s not there by default) so you can create it in Regedit.

Under this key, create a new DWORD value called LimitedOperatorUI and set it to 1.

So, the full path is HKEY_LOCAL_MACHINE/SOFTWARE/Wireguard/LimitedOperatorUI = 1

Once this has been done, add the current user to the Network Configuration Operators group, reboot and you should be good to go. If it doesn’t work, you may need to launch the WireGuard app as an Administrator at least once, and then should be able to run it as a regular user.

If you want to do this in CMD, you can type in:

REG ADD HKLM\Software\WireGuard /V LimitedOperatorUI /T REG_DWORD /D 1 /F

NET LOCALGROUP "Network Configuration Operators" AD\username /ADD

Where AD\Username is the local username you want to run WireGuard as. If this machine is joined to Azure AD, then the username will be something like AzureAD\UserName (e.g. AzureAD\KaiHowells)

6 thoughts on “Allow non-admin users to use WireGuard on Windows

  1. adding normal user to that group will give him several permission, is there a way to avoid this? my goal its just to hide the wireguard config for users.

Leave a Reply