i put an shortcut in shell:startup
if i deactivate "run as Administrator" the shortcut works fine
But with admin rights (i need them) it wont show up
Thats the shortcut-proberties:
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoExit -Command "C:\Users\admin\Downloads\Execute_Windows_Update.ps1"
Execute_Windows_Update.ps1:
Set-ExecutionPolicy RemoteSigned
Install-Module -Name PSWindowsUpdate
Import-Module PSWindowsUpdate
Install-WindowsUpdate -AcceptAll -AutoReboot
Windows does not allow startup items to UAC elevate. This was strictly enforced in Vista
Error message when you start a Windows Vista-based computer: "Windows has blocked some startup programs"
This was relaxed a bit in 7 but some things are still probably blocked to prevent a flooding of UAC prompts at startup.
The task scheduler is a way around this.
Related
Even if you are a authoritative user and you need to do something that requires extended privileges, I have to run the terminal again by right clicking it as choosing "Run as Administrator" unlike in Linux and other operating systems where we can take help of "su" or "sudo".
My question is : Is there any way to get the same terminal window as a administrator one?
To programmatically start an elevated new PowerShell session (with administrative privileges) on Windows - invariably in a new window - from an existing session, use:
Note:
The command below invariably opens the elevated PowerShell instance in an - invariably new - regular console window (conhost.exe) - see next section for use from Windows Terminal.
Start-Process -Verb RunAs (Get-Process -Id $PID).Path
The above works in both PowerShell editions and uses the same executable that is running the current session; you can take a shortcut if you know the executable name and can assume it to be the first in $env:PATH when invoked by name only; for Windows PowerShell:
Start-Process -Verb RunAs powershell
and for PowerShell (Core) 7+:
Start-Process -Verb RunAs pwsh
See this answer for convenience functions, including for cross-platform use and the ability to pass commands to execute in the elevated session.
To open the elevated session in Windows Terminal (also invariably in a new window):
# As above, 'powershell.exe' or 'pwsh.exe' may do as the argument.
# See below for Windows Terminal profile-related options.
Start-Process -Verb RunAs wt.exe ('"{0}"' -f (Get-Process -Id $PID).Path)
Note:
If the desired PowerShell executable is the your Windows Terminal's default profile, you can omit the argument after wt.exe
# Launch the elevated session with the shell configured as
# the default profile.
Start-Process -Verb RunAs wt.exe
If you want to target a specific Windows Terminal profile, pass its name (or GUID) case-exactly to the -p (--profile) parameter; e.g.:
# Launch the elevated session with the "Windows PowerShell" profile.
Start-Process -Verb RunAs wt.exe '-p "Windows PowerShell"'
I'd like a script to be used in this situation:
gain remote access without admin privileges
remotely start Quick Assist as .\Administrator and not have a UAC dialogue.
Step 1 is usually made with Quick Assist, sometimes made with Teams screen sharing.
I'm aware that I can locate quickassist.exe in File Explorer then use Shift and the context menu to Run as a different user, however I'd like a scripted approach.
Experiment A
This works, but there's a Yes/No UAC dialogue:
$isElevated = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
if ( -not $isElevated ) {
Start-Process powershell.exe -Credential Administrator -NoNewWindow -ArgumentList {
Start-Process quickassist.exe -Verb RunAs ;
} ;
}
Experiment B
I make multiple mistakes, don't know how to correct them. (I'm trying to learn PowerShell, gradually, but I'm easily confused whilst learning; slightly dyslexic.)
$isElevated = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
if ( -not $isElevated ) {
Start-Process powershell.exe -Credential Administrator {
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" -Name "PromptOnSecureDesktop" -Value 0 -Force;
};
Write-Host "UAC (user account control) is weakened for a Quick Assist session …" -ForegroundColor Red;
Start-Process powershell.exe -Credential Administrator -NoNewWindow -ArgumentList {Start-Process quickassist.exe -Verb RunAs -Wait};
Write-Host "… Quick Assist session complete …" -ForegroundColor Red;
Start-Process powershell.exe -Credential Administrator {
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" -Name "PromptOnSecureDesktop" -Value 1 -Force;
};
Write-Host "… UAC is strengthened." -ForegroundColor Red;
}
the two intended changes to the registry do not occur
the third credential dialogue appears too soon – I want it to not appear until after the end of the Quick Assist session.
Also, conceptually, there's probably no need to run Quick Assist as Administrator whilst UAC is temporarily weakened.
References
https://stackoverflow.com/a/2258134/38108 (2010-02-13) I see use of -Credential with Invoke-Command but when I try to do something similar, for changes to the registry, I make a mess.
https://stackoverflow.com/a/47516161/38108 (2017-11-27) self-elevating PowerShell scripts.
https://superuser.com/a/1524960/84988 (2020-02-12) and https://serverfault.com/a/1003238/91969 (2020-02-15) are interesting – the same script in both answers – however I need something like -Credential Administrator in lieu of -ComputerName.
https://stackoverflow.com/a/60292423/38108 (2020-03-07) via https://stackoverflow.com/a/60263039/38108
PowerShell commands - PowerShell - SS64.com
https://github.com/okieselbach/Intune/blob/master/DisablePromptOnSecureDesktop.ps1 (2020-11-13) via Quick Assist the built-in Remote Control in Windows 10 – Modern IT – Cloud – Workplace
The short answer is don't. Get a real remote management tool or have someone hit the UAC yes prompt.
This is more of a windows thing than powershell, as windows explicitly denies elevating a process locally without going through UAC (and for good reason!). You used to be able to do things like this:
# Use Enter-PSSession to start a "remote" session
# This may still support elevation if you specify CredSSP and configure credential delegation):
New-PSSession MyPCName -Auth CredSSP -cred (get-credential)
# Create a scheduled task with RunAs/elevated permissions:
Register-ScheduledTask -Action $action -User .\Administrator -TaskName "Admin-Stuff" -RunLevel Highest
Which now give fat access denied messages when running locally. You also are not able to edit registry settings within HKLM: without elevation, so disabling uac temporarily is not an option.
You may be able to make use of this exploit that allows admin users to bypass uac, but I think you still have to Run-as-other-user your shell to use it.
My user account does not have any special privileges. I try to start powershell as user with administrator privileges:
Start-Process -Credential $c -FilePath powershell
Unfortunately, while indeed another window opens, there must be some strange correlation between both processes: they cannot be practically used.
When I leave out the credential param, both windows appear to be independent.
BTW, I cannot use runas, since it doesn't support PSCredentials and, as far as I can tell, "verb" will not help, as my default user cannot elevate.
I would like to install Weblogic 12c in my system. But I do have implications. I do carry admin privilege in my local system but do not carry Administrator login password. I tried in Windows 10. And in prior Windows 7 also, but I had the implication of Logged-in User, that he belongs to Administrators Group, but it was not Windows Administrator login.
C:\Users\Sathasivam_Anand\Downloads\fmw_12.2.1.2.0_wls_Disk1_1of1>runas /user:Ad
ministrator "java -jar fmw_12.2.1.2.0_wls.jar"
Enter the password for Administrator:
As per the first answer to this question, I am able to run java which doesn't need any admin privilege, obviously. cmdlets are correct but unclear what I have deal with Runas argument. I am getting following error in PowerShell
PS C:\Users\Sathasivam_Anand\Downloads\fmw_12.2.1.2.0_wls_Disk1_1of1> Start-Proc
ess -Verb Runas "C:\Progra~1\Java\jdk1.8.0_112\bin\java -jar .\fmw_12.2.1.2.0_wl
s.jar"
Start-Process : This command cannot be run due to the error: The system cannot
find the file specified.
At line:1 char:1
+ Start-Process -Verb Runas "C:\Progra~1\Java\jdk1.8.0_112\bin\java -ja ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Start-Process], InvalidOp
erationException
+ FullyQualifiedErrorId : InvalidOperationException,Microsoft.PowerShell.C
ommands.StartProcessCommand
PS C:\Users\Sathasivam_Anand\Downloads\fmw_12.2.1.2.0_wls_Disk1_1of1>
How do I overcome this situation.
Is there a way by using cmdLets in powershell this situation can managed by using pipes or so if required.
You should be clear that belonging to Administrators Group doesn't mean that I can do programs which requires to be as Administrator that I can run with runas /user:Administrator "command", obviously wrong answer. Removing right tick hence.
If you can, please clarify as a another Answer.
By using runas /user:Administrator you are telling the computer to run this as the user Administrator, which is very different that running an application with Administrative privileges.
You mentioned that your account has those privileges so either you can run cmd or PowerShell by Right click and selecting "Run as Administrator" which will then likely give the UAC prompt and then everything done in that session will be with Administrative privileges. Otherwise from an unelevated PowerShell window you can run the command Start-Process with the -Verb Runas parameter which will attempt to start that process with administrative rights (likely UAC prompt).
I have a short .cmd file which I would like to run as part of my deployment process. Unfortunately the .cmd file requires administrator privileges. Is it possible to get administrator permission from within rake, or do I need to start the shell as admin?
You can try the runas command. I don't know what your rake task looks like, but if you're running Kernel#system, try
task :foo do
system "runas /profile /user:#{ENV["COMPUTERNAME"]}/Administrator mybatchfile.cmd"
end
Only trouble is, runas prompts for credentials right there in the shell. So, you'd have to be interactive.
irb > system "runas ..."
Enter the password for FOOBAR/Administrator:
There's this nasty looking batch/WSH answer from another question on SO. I don't know where you put your command, this looks interactive, as well.
You might try the PowerShell Start-Process cmdlet that supports showing a UAC prompt.
PS> Start-Process mybatchfile.cmd -Verb runas
Or, in Rake
task :foo do
system "powershell -NoProfile -NonInteractive -ExecutionPolicy Bypass -command \"Start-Process mybatchfile.cmd -Verb runas\""
end
But that will also launch a UAC dialog. The whole process is going to need to be interactive. You can't have an interactive build script. Your only choice is allowing your build server to run with UAC off... then, you don't have to do anything, because all your prompts will be Admin by default.