Comment 2 for bug 465054

Confirmed: replacing occurrences of <allow_active>auth_admin_keep</allow_active> with <allow_active>yes</allow_active> does make the problem disappear. There is more than one occurrence of this line. I don't know what difference this actually makes from a policykit / security standpoint -- but it does mean that I can mount my internal windows drives without a password now.