How do I open a elevated command prompt using command lines on a normal cmd?
For example, I use runas /username:admin cmd but the cmd that was opened does not seem to be elevated! Any solutions?
I ran into the same problem and the only way I was able to open the CMD as administrator from CMD was doing the following:
Open CMD
Write powershell -Command "Start-Process cmd -Verb RunAs" and press Enter
A pop-up window will appear asking to open a CMD as administrator
I don't have enough reputation to add a comment to the top answer, but with the power of aliases you can get away with just typing the following:
powershell "start cmd -v runAs"
This is just a shorter version of user3018703 excellent
solution:
powershell -Command "Start-Process cmd -Verb RunAs"
Simple way I did after trying other answers here
Method 1: WITHOUT a 3rd party program (I used this)
Create a file called sudo.bat (you can replace sudo with any name you want) with following content
powershell.exe -Command "Start-Process cmd \"/k cd /d %cd%\" -Verb RunAs"
Move sudo.bat to a folder in your PATH; if you don't know what that means, just move these files to c:\windows\
Now sudo will work in Run dialog (win+r) or in explorer address bar (this is the best part :))
Method 2: WITH a 3rd party program
Download NirCmd and unzip it.
Create a file called sudo.bat (you can replace sudo with any name you want) with following content
nircmdc elevate cmd /k "cd /d %cd%"
Move nircmdc.exe and sudo.bat to a folder in your PATH; if you don't know what that means, just move these files to c:\windows\
Now sudo will work in Run dialog (win+r) or in explorer address bar (this is the best part :))
According to documentation, the Windows security model...
does not grant administrative privileges at all
times. Even administrators run under standard privileges when they
perform non-administrative tasks that do not require elevated
privileges.
You have the Create this task with administrative privileges option in the Create new task dialog (Task Manager > File > Run new task), but there is no built-in way to effectively elevate privileges using the command line.
However, there are some third party tools (internally relying on Windows APIs) you can use to elevate privileges from the command line:
NirCmd:
Download it and unzip it.
nircmdc elevate cmd
windosu:
Install it: npm install -g windosu (requires node.js installed)
sudo cmd
I use nirsoft programs (eg nircmdc) and sysinternals (eg psexec) all the time. They are very helpful.
But if you don't want to, or can't, dl a 3rd party program, here's another way, pure Windows.
Short answer: you can while elevated create a scheduled task with elevated privileges which you can then invoke later while not elevated.
Middle-length answer: while elevated create task with (but I prefer task scheduler GUI):
schtasks /create /sc once /tn cmd_elev /tr cmd /rl highest /st 00:00
Then later, no elevation needed, invoke with
schtasks /run /tn cmd_elev
Long answer: There's a lot of fidgety details; see my blog entry "Start program WITHOUT UAC, useful at system start and in batch files (use task scheduler)"
The following as a batch file will open an elevated command prompt with the path set to the same directory as the one from where the batch file was invoked
set OLDDIR=%CD%
powershell -Command "Start-Process cmd -ArgumentList '/K cd %OLDDIR%' -Verb RunAs "
While both solutions provided by Dheeraj Bhaskar work, unfortunately they will result in the UAC dialog showing up on top (z-order-wise) but not getting focused (the focused window is the caller cmd/powershell window), thus I either need to grab the mouse and click "yes", or to select the UAC window using Alt+Shift+Tab. (Tested on Win10x64 v1607 build14393.447; UAC = "[...] do not dim [...]".)
The following solution is a bit awkward as it uses two files, but it preserves the correct focus order, so no extra mouse / keyboard actions are required (besides confirming the UAC dialog: Alt+Y).
cmdadm.lnk (shortcut properties / Advanced... / Run as administrator = ON)
%SystemRoot%\System32\cmd.exe /k "cd /d"
su.bat
#start cmdadm.lnk %cd%
Run with su.
Make the batch file save the credentials of the actual administrator account by using the /savecred switch. This will prompt for credentials the first time and then store the encrypted password in credential manager. Then for all subsequent times the batch runs it will run as the full admin but not prompt for credentials because they are stored encrypted in credential manager and the end user is unable to get the password. The following should open an elevated CMD with full administrator privileges and will only prompt for password the first time:
START c:\Windows\System32\runas.exe /user:Administrator /savecred cmd.exe
My favorite way of doing this is using PsExec.exe from SysInternals, available at http://technet.microsoft.com/en-us/sysinternals/bb897553
.\psexec.exe -accepteula -h -u "$username" -p "$password" cmd.exe
The "-h" switch is the one doing the magic:
-h If the target system is Vista or higher, has the process run with the account's elevated token, if available.
I've been using Elevate for awhile now.
It's description - This utility executes a command with UAC privilege elevation. This is useful for working inside command prompts or with batch files.
I copy the bin.x86-64\elevate.exe from the .zip into C:\Program Files\elevate and add that path to my PATH.
Then GitBash I can run something like elevate sc stop W3SVC to turn off the IIS service.
Running the command gives me the UAC dialog, properly focused with keyboard control and upon accepting the dialog I return to my shell.
Dheeraj Bhaskar's method with Powershell has a missing space in it, alt least for the Windows 10 incarnation of Powershell.
The command line inside his sudo.bat should be
powershell.exe -Command "Start-Process cmd \"/k cd /d %cd% \" -Verb RunAs"
Note the extra space after %cd%
;)Frode
Similar to some of the other solutions above, I created an elevate batch file which runs an elevated PowerShell window, bypassing the execution policy to enable running everything from simple commands to batch files to complex PowerShell scripts. I recommend sticking it in your C:\Windows\System32 folder for ease of use.
The original elevate command executes its task, captures the output, closes the spawned PowerShell window and then returns, writing out the captured output to the original window.
I created two variants, elevatep and elevatex, which respectively pause and keep the PowerShell window open for more work.
https://github.com/jt-github/elevate
And in case my link ever dies, here's the code for the original elevate batch file:
#Echo Off
REM Executes a command in an elevated PowerShell window and captures/displays output
REM Note that any file paths must be fully qualified!
REM Example: elevate myAdminCommand -myArg1 -myArg2 someValue
if "%1"=="" (
REM If no command is passed, simply open an elevated PowerShell window.
PowerShell -Command "& {Start-Process PowerShell.exe -Wait -Verb RunAs}"
) ELSE (
REM Copy command+arguments (passed as a parameter) into a ps1 file
REM Start PowerShell with Elevated access (prompting UAC confirmation)
REM and run the ps1 file
REM then close elevated window when finished
REM Output captured results
IF EXIST %temp%\trans.txt del %temp%\trans.txt
Echo %* ^> %temp%\trans.txt *^>^&1 > %temp%\tmp.ps1
Echo $error[0] ^| Add-Content %temp%\trans.txt -Encoding Default >> %temp%\tmp.ps1
PowerShell -Command "& {Start-Process PowerShell.exe -Wait -ArgumentList '-ExecutionPolicy Bypass -File ""%temp%\tmp.ps1""' -Verb RunAs}"
Type %temp%\trans.txt
)
..
#ECHO OFF
SETLOCAL EnableDelayedExpansion EnableExtensions
NET SESSION >nul 2>&1
IF %ERRORLEVEL% NEQ 0 GOTO ELEVATE
GOTO :EOF
:ELEVATE
SET this="%CD%"
SET this=!this:\=\\!
MSHTA "javascript: var shell = new ActiveXObject('shell.application'); shell.ShellExecute('CMD', '/K CD /D \"!this!\"', '', 'runas', 1);close();"
EXIT 1
save this script as "god.cmd" in your system32 or whatever your path is directing to....
if u open a cmd in e:\mypictures\ and type god
it will ask you for credentials and put you back to that same place as the administrator...
There seem to be a lot of really creative solutions on this, but I found Stiegler & Gui made the most sense to me. I was looking into how I could do this, but using it in conjunction with my domain admin credential, instead of relying on the local permissions of the "current user".
This is what I came up with:
runas /noprofile /user:DomainName\UserName "powershell start cmd -v runas"
It may seem redundant, but it does prompt for my admin password, and does come up as an elevated command prompt.
Here is a way to integrate with explorer.
It will popup a extra menu item when you right-click in any folder within Windows Explorer:
Here are the steps:
Create this key: \HKEY_CLASSES_ROOT\Folder\shell\dosherewithadmin
Change its Default value to whatever you want to appear as the menu item text.
E.g. "DOS Shell as Admin"
Create another key: \HKEY_CLASSES_ROOT\Folder\shell\dosherewithadmin\command
and change its default value to this:
powershell.exe -Command "Start-Process -Verb RunAs 'cmd.exe' -Args '/k pushd "%1"'"
Done. Now right-click in any folder and you will see your item there within the other items.
*we use pushd instead of cd to allow it to work in any drive. :-)
For fans of Cygwin:
cygstart -a runas cmd
When a CMD script needs Administrator rights and you know it, add this line to the very top of the script (right below #ECHO OFF):
NET FILE > NUL 2>&1 || POWERSHELL -ex Unrestricted -Command "Start-Process -Verb RunAs -FilePath '%ComSpec%' -ArgumentList '/c \"%~fnx0\" %*'" && EXIT /b
The NET FILE checks for existing Administrator rights. If there are none, PowerShell restarts the current script (with its arguments) in an elevated shell, and the non-elevated script closes.
To allow running scripts -ex Unrestricted is necessary.
-Command executes the following string.
Start-Process -Verb RunAs runs a process As Administrator:
the shell (%ComSpec%, usually C:\Windows\System32\cmd.exe) starting (/c) the current script (\"%~fnx0\") passing its arguments (%*).
Maybe not the exact answer to this question, but it might very well be what people need that end up here.
The quickest way by far is to:
CTRL+ALT+DELETE
Run TASK MANAGER
Click FILE > Run New Task > type in "cmd" and tick the "Create this task with administrative privileges." box.
Not sure if this helps but this is how I managed to do it. Doesn't help if you need a command to run from batch but hey-ho ... I needed this just because windows explorer is corrupted and needed to fix it.
This is my workaround. Hope this helps someone if not the original poster.
A little late for an answer but answering anyway for latecomers like me.
I have two approaches. First one is based on little alteration to #Dheeraj Bhaskar's answer and second one is new(that is not mentioned in any answer here).
Approach 1: Create a admin command for windows(just for the sake of flexibility).
#ECHO OFF
powershell -Command "Start-Process %1 -Verb RunAs"
Open notepad -> copy/paste above script -> save it as admin.bat in c:\windows
A lot can be added in the above script to make it better but I've tried to keep it simple and also because I'm not an expert in batch scripting.
Now you can use admin as command to run any other command or application with elevated privileges.
To answer the original question- type admin cmd in standard cmd.
Approach 2:Using runas command. For this we need to enable the built-in Administrator account if not already enabled and set a password. This account is disabled by default on most systems.
When manufacturing PCs, you can use the built-in Administrator account to run programs and apps before a user account is created. Source
Steps to enable Administrator account-
Hit Windows+R and type compmgmt.msc which will open Computer Management window.
Go to System Tools -> Local Users and Groups -> Users
You should see an account with name Administrator here(more info about this account can be found here).
Right click on Administrator and select Properties.
Check Password never expires. Uncheck Account is Disabled and everything else then click OK. This will enable administrator account on your system. Skip if already enabled.
Again Right click on Administrator and click on Set Password(by default it has no password set but for runas command to work we need to set a password).
Now windows will show you a life threatening warning which you can accept.
OR If you want to play safe then you should login into it after enabling this account and set a password from there.
Now runas command should work-
Start a standard cmd and type-
runas /user:administrator cmd
EXTRA:
Now we can create something similar to Linux's sudo command. Create a sudo.bat file with following script and save it in c:\windows.
#ECHO OFF
powershell -Command "runas /user:administrator %1"
Now we can do sudo cmd
I did this for my smartctl, and it became a portable App.
I borrowed it from here.
#echo off
set location=%cd%\bin
powershell -Command "Start-Process cmd -Verb RunAs -ArgumentList { '/k "TITLE Smartctl" & color 07 & pushd "%location%" & prompt $g & echo "Welcome to Smartctl cmd"' }"
prompt $g hides the long leading path.
pushd "%location%" is similar to cd /d "%location%"
Saved as smartctl.cmd
Create a shortcut for smartctl.cmd
Copy the shortcut to C:\Users\#YourName#\AppData\Roaming\Microsoft\Windows\StartMenu\Programs
Click search next to the start menu and input smartctl
Right click Pin to Start
Just use the command:
runas /noprofile /user:administrator cmd
Use:
start, run, cmd, then control+shift+enter
You'll get UAC and then an elevated command shell.
Install gsudo tool and use gsudo command. UAC popup appears and eventually command prompt right in the current console window will be elevated:
C:\Users\Someone>net session
System error 5 has occurred.
Access is denied.
C:\Users\Someone>gsudo
C:\Users\Someone# net session
There are no entries in the list.
The tool can be installed using various package managers (Scoop, WinGet, Chocolatey).
Can use a temporary environment variable to use with an elevated shortcut (
start.cmd
setx valueName_betterSpecificForEachCase %~dp0
"%~dp0ascladm.lnk"
ascladm.lnk (shortcut)
_ properties\advanced\"run as administrator"=yes
(to make path changes you'll need to temporarily create the env.Variable)
_ properties\target="%valueName_betterSpecificForEachCase%\ascladm.cmd"
_ properties\"start in"="%valueName_betterSpecificForEachCase%"
ascladm.cmd
setx valueName_betterSpecificForEachCase=
reg delete HKEY_CURRENT_USER\Environment /F /V valueName_betterSpecificForEachCase
"%~dp0fileName_targetedCmd.cmd"
) (targetedCmd gets executed in elevated cmd window)
Although it is 3 files ,you can place everything (including targetedCmd) in some subfolder (do not forget to add the folderName to the patches) and rename "start.cmd" to targeted's one name
For me it looks like most native way of doing this ,whilst cmd doesn't have the needed command
You can use the following syntax, I had the same question and did not think a script should be needed.
runas /profile /user:domain\username cmd
This worked for me, it may be different on your network.
I did it easily by using this following command in cmd
runas /netonly /user:Administrator\Administrator cmd
after typing this command, you have to enter your Administrator password(if you don't know your Administrator password leave it blank and press Enter or type something, worked for me)..
Press the Windows + X key and you can now select the Powershell or Command Prompt with admin rights. Works if you are the admin. The function can be unusable if the system is not yours.
I've created this tool in .Net 4.8 ExecElevated.exe, 13KB (VS 2022 source project) it will execute an application with an elevated token (in admin mode).
But you will get an UAC dialog to confirm! (maybe not if UAC has been disabled, haven't tested it).
And the account calling the tool must also have admin. rights of course.
Example of use:
ExecuteElevated.exe "C:\Utility\regjump.exe HKCU\Software\Classes\.pdf"
I used runas /user:domainuser#domain cmd which opened an elevated prompt successfully.
There are several ways to open an elevated cmd, but only your method works from the standard command prompt. You just need to put user not username:
runas /user:machinename\adminuser cmd
See relevant help from Microsoft community.
I want my batch file to only run elevated. If not elevated, provide an option for the user to relaunch batch as elevated.
I'm writing a batch file to set a system variable, copy two files to a Program Files location, and start a driver installer. If a Windows 7/Windows Vista user (UAC enabled and even if they are a local admin) runs it without right-clicking and selecting "Run as Administrator", they will get 'Access Denied' copying the two files and writing the system variable.
I would like to use a command to automatically restart the batch as elevated if the user is in fact an administrator. Otherwise, if they are not an administrator, I want to tell them that they need administrator privileges to run the batch file. I'm using xcopy to copy the files and REG ADD to write the system variable. I'm using those commands to deal with possible Windows XP machines. I've found similar questions on this topic, but nothing that deals with relaunching a batch file as elevated.
There is an easy way without the need to use an external tool - it runs fine with Windows 7, 8, 8.1, 10 and 11 and is backwards-compatible too (Windows XP doesn't have any UAC, thus elevation is not needed - in that case the script just proceeds).
Check out this code (I was inspired by the code by NIronwolf posted in the thread Batch File - "Access Denied" On Windows 7?), but I've improved it - in my version there isn't any directory created and removed to check for administrator privileges):
::::::::::::::::::::::::::::::::::::::::::::
:: Elevate.cmd - Version 4
:: Automatically check & get admin rights
:: see "https://stackoverflow.com/a/12264592/1016343" for description
::::::::::::::::::::::::::::::::::::::::::::
#echo off
CLS
ECHO.
ECHO =============================
ECHO Running Admin shell
ECHO =============================
:init
setlocal DisableDelayedExpansion
set cmdInvoke=1
set winSysFolder=System32
set "batchPath=%~dpnx0"
rem this works also from cmd shell, other than %~0
for %%k in (%0) do set batchName=%%~nk
set "vbsGetPrivileges=%temp%\OEgetPriv_%batchName%.vbs"
setlocal EnableDelayedExpansion
:checkPrivileges
NET FILE 1>NUL 2>NUL
if '%errorlevel%' == '0' ( goto gotPrivileges ) else ( goto getPrivileges )
:getPrivileges
if '%1'=='ELEV' (echo ELEV & shift /1 & goto gotPrivileges)
ECHO.
ECHO **************************************
ECHO Invoking UAC for Privilege Escalation
ECHO **************************************
ECHO Set UAC = CreateObject^("Shell.Application"^) > "%vbsGetPrivileges%"
ECHO args = "ELEV " >> "%vbsGetPrivileges%"
ECHO For Each strArg in WScript.Arguments >> "%vbsGetPrivileges%"
ECHO args = args ^& strArg ^& " " >> "%vbsGetPrivileges%"
ECHO Next >> "%vbsGetPrivileges%"
if '%cmdInvoke%'=='1' goto InvokeCmd
ECHO UAC.ShellExecute "!batchPath!", args, "", "runas", 1 >> "%vbsGetPrivileges%"
goto ExecElevation
:InvokeCmd
ECHO args = "/c """ + "!batchPath!" + """ " + args >> "%vbsGetPrivileges%"
ECHO UAC.ShellExecute "%SystemRoot%\%winSysFolder%\cmd.exe", args, "", "runas", 1 >> "%vbsGetPrivileges%"
:ExecElevation
"%SystemRoot%\%winSysFolder%\WScript.exe" "%vbsGetPrivileges%" %*
exit /B
:gotPrivileges
setlocal & cd /d %~dp0
if '%1'=='ELEV' (del "%vbsGetPrivileges%" 1>nul 2>nul & shift /1)
::::::::::::::::::::::::::::
::START
::::::::::::::::::::::::::::
REM Run shell as admin (example) - put here code as you like
ECHO %batchName% Arguments: P1=%1 P2=%2 P3=%3 P4=%4 P5=%5 P6=%6 P7=%7 P8=%8 P9=%9
cmd /k
The script takes advantage of the fact that NET FILE requires administrator privilege and returns errorlevel 1 if you don't have it. The elevation is achieved by creating a script which re-launches the batch file to obtain privileges. This causes Windows to present the UAC dialog and asks you for the administrator account and password.
I have tested it with Windows 7, 8, 8.1, 10, 11 and with Windows XP - it works fine for all.
The advantage is, after the start point you can place anything that requires system administrator privileges, for example, if you intend to re-install and re-run a Windows service for debugging purposes (assumed that mypackage.msi is a service installer package):
msiexec /passive /x mypackage.msi
msiexec /passive /i mypackage.msi
net start myservice
Without this privilege elevating script, UAC would ask you three times for your administrator user and password - now you're asked only once at the beginning, and only if required.
If your script just needs to show an error message and exit if there aren't any administrator privileges instead of auto-elevating, this is even simpler: You can achieve this by adding the following at the beginning of your script:
#ECHO OFF & CLS & ECHO.
NET FILE 1>NUL 2>NUL & IF ERRORLEVEL 1 (ECHO You must right-click and select &
ECHO "RUN AS ADMINISTRATOR" to run this batch. Exiting... & ECHO. &
PAUSE & EXIT /D)
REM ... proceed here with admin rights ...
This way, the user has to right-click and select "Run as administrator". The script will proceed after the REM statement if it detects administrator rights, otherwise exit with an error. If you don't require the PAUSE, just remove it.
Important: NET FILE [...] EXIT /D) must be on the same line. It is displayed here in multiple lines for better readability!
On some machines, I've encountered issues, which are solved in the new version above already. One was due to different double quote handling, and the other issue was due to the fact that UAC was disabled (set to lowest level) on a Windows 7 machine, hence the script calls itself again and again.
I have fixed this now by stripping the quotes in the path and re-adding them later, and I've added an extra parameter which is added when the script re-launches with elevated rights.
The double quotes are removed by the following (details are here):
setlocal DisableDelayedExpansion
set "batchPath=%~0"
setlocal EnableDelayedExpansion
You can then access the path by using !batchPath!. It doesn't contain any double quotes, so it is safe to say "!batchPath!" later in the script.
The line
if '%1'=='ELEV' (shift & goto gotPrivileges)
checks if the script has already been called by the VBScript script to elevate rights, hence avoiding endless recursions. It removes the parameter using shift.
Update:
To avoid having to register the .vbs extension in Windows 10, I have replaced the line
"%temp%\OEgetPrivileges.vbs"
by
"%SystemRoot%\System32\WScript.exe" "%temp%\OEgetPrivileges.vbs"
in the script above; also added cd /d %~dp0 as suggested by Stephen (separate answer) and by Tomáš Zato (comment) to set script directory as default.
Now the script honors command line parameters being passed to it. Thanks to jxmallet, TanisDLJ and Peter Mortensen for observations and inspirations.
According to Artjom B.'s hint, I analyzed it and have replaced SHIFT by SHIFT /1, which preserves the file name for the %0 parameter
Added del "%temp%\OEgetPrivileges_%batchName%.vbs" to the :gotPrivileges section to clean up (as mlt suggested). Added %batchName% to avoid impact if you run different batches in parallel. Note that you need to use for to be able to take advantage of the advanced string functions, such as %%~nk, which extracts just the filename.
Optimized script structure, improvements (added variable vbsGetPrivileges which is now referenced everywhere allowing to change the path or name of the file easily, only delete .vbs file if batch needed to be elevated)
In some cases, a different calling syntax was required for elevation. If the script does not work, check the following parameters:
set cmdInvoke=0
set winSysFolder=System32
Either change the 1st parameter to set cmdInvoke=1 and check if that already fixes the issue. It will add cmd.exe to the script performing the elevation.
Or try to change the 2nd parameter to winSysFolder=Sysnative, this might help (but is in most cases not required) on 64 bit systems. (ADBailey has reported this). "Sysnative" is only required for launching 64-bit applications from a 32-bit script host (e.g. a Visual Studio build process, or script invocation from another 32-bit application).
To make it more clear how the parameters are interpreted, I am displaying it now like P1=value1 P2=value2 ... P9=value9. This is especially useful if you need to enclose parameters like paths in double quotes, e.g. "C:\Program Files".
If you want to debug the VBS script, you can add the //X parameter to WScript.exe as first parameter, as suggested here (it is described for CScript.exe, but works for WScript.exe too).
Bugfix provided by MiguelAngelo: batchPath is now returned correctly on cmd shell. This little script test.cmd shows the difference, for those interested in the details (run it in cmd.exe, then run it via double click from Windows Explorer):
#echo off
setlocal
set a="%~0"
set b="%~dpnx0"
if %a% EQU %b% echo running shell execute
if not %a% EQU %b% echo running cmd shell
echo a=%a%, b=%b%
pause
Useful links:
Meaning of special characters in batch file:Quotes ("), Bang (!), Caret (^), Ampersand (&), Other special characters
As jcoder and Matt mentioned, PowerShell made it easy, and it could even be embedded in the batch script without creating a new script.
I modified Matt's script:
:: Check privileges
net file 1>NUL 2>NUL
if not '%errorlevel%' == '0' (
powershell Start-Process -FilePath "%0" -ArgumentList "%cd%" -verb runas >NUL 2>&1
exit /b
)
:: Change directory with passed argument. Processes started with
:: "runas" start with forced C:\Windows\System32 workdir
cd /d %1
:: Actual work
I do it this way:
NET SESSION
IF %ERRORLEVEL% NEQ 0 GOTO ELEVATE
GOTO ADMINTASKS
:ELEVATE
CD /d %~dp0
MSHTA "javascript: var shell = new ActiveXObject('shell.application'); shell.ShellExecute('%~nx0', '', '', 'runas', 1);close();"
EXIT
:ADMINTASKS
(Do whatever you need to do here)
EXIT
This way it's simple and use only windows default commands.
It's great if you need to redistribute you batch file.
CD /d %~dp0 Sets the current directory to the file's current directory (if it is not already, regardless of the drive the file is in, thanks to the /d option).
%~nx0 Returns the current filename with extension (If you don't include the extension and there is an exe with the same name on the folder, it will call the exe).
There are so many replies on this post I don't even know if my reply will be seen.
Anyway, I find this way simpler than the other solutions proposed on the other answers, I hope it helps someone.
I am using Matt's excellent answer, but I am seeing a difference between my Windows 7 and Windows 8 systems when running elevated scripts.
Once the script is elevated on Windows 8, the current directory is set to C:\Windows\system32. Fortunately, there is an easy workaround by changing the current directory to the path of the current script:
cd /d %~dp0
Note: Use cd /d to make sure drive letter is also changed.
To test this, you can copy the following to a script. Run normally on either version to see the same result. Run as Admin and see the difference in Windows 8:
#echo off
echo Current path is %cd%
echo Changing directory to the path of the current script
cd %~dp0
echo Current path is %cd%
pause
Matt has a great answer, but it strips away any arguments passed to the script. Here is my modification that keeps arguments. I also incorporated Stephen's fix for the working directory problem in Windows 8.
#ECHO OFF
setlocal EnableDelayedExpansion
::net file to test privileges, 1>NUL redirects output, 2>NUL redirects errors
NET FILE 1>NUL 2>NUL
if '%errorlevel%' == '0' ( goto START ) else ( goto getPrivileges )
:getPrivileges
if '%1'=='ELEV' ( goto START )
set "batchPath=%~f0"
set "batchArgs=ELEV"
::Add quotes to the batch path, if needed
set "script=%0"
set script=%script:"=%
IF '%0'=='!script!' ( GOTO PathQuotesDone )
set "batchPath=""%batchPath%"""
:PathQuotesDone
::Add quotes to the arguments, if needed.
:ArgLoop
IF '%1'=='' ( GOTO EndArgLoop ) else ( GOTO AddArg )
:AddArg
set "arg=%1"
set arg=%arg:"=%
IF '%1'=='!arg!' ( GOTO NoQuotes )
set "batchArgs=%batchArgs% "%1""
GOTO QuotesDone
:NoQuotes
set "batchArgs=%batchArgs% %1"
:QuotesDone
shift
GOTO ArgLoop
:EndArgLoop
::Create and run the vb script to elevate the batch file
ECHO Set UAC = CreateObject^("Shell.Application"^) > "%temp%\OEgetPrivileges.vbs"
ECHO UAC.ShellExecute "cmd", "/c ""!batchPath! !batchArgs!""", "", "runas", 1 >> "%temp%\OEgetPrivileges.vbs"
"%temp%\OEgetPrivileges.vbs"
exit /B
:START
::Remove the elevation tag and set the correct working directory
IF '%1'=='ELEV' ( shift /1 )
cd /d %~dp0
::Do your adminy thing here...
You can have the script call itself with psexec's -h option to run elevated.
I'm not sure how you would detect if it's already running as elevated or not... maybe re-try with elevated perms only if there's an Access Denied error?
Or, you could simply have the commands for the xcopy and reg.exe always be run with psexec -h, but it would be annoying for the end-user if they need to input their password each time (or insecure if you included the password in the script)...
I use PowerShell to re-launch the script elevated if it's not. Put these lines at the very top of your script.
net file 1>nul 2>nul && goto :run || powershell -ex unrestricted -Command "Start-Process -Verb RunAs -FilePath '%comspec%' -ArgumentList '/c %~fnx0 %*'"
goto :eof
:run
:: TODO: Put code here that needs elevation
I copied the 'net name' method from #Matt's answer. His answer is much better documented and has error messages and the like. This one has the advantage that PowerShell is already installed and available on Windows 7 and up. No temporary VBScript (*.vbs) files, and you don't have to download tools.
This method should work without any configuration or setup, as long as your PowerShell execution permissions aren't locked down.
For some programs setting the super secret __COMPAT_LAYER environment variable to RunAsInvoker will work.Check this :
set "__COMPAT_LAYER=RunAsInvoker"
start regedit.exe
Though like this there will be no UAC prompting the user will continue without admin permissions.
I wrote gsudo, a sudo for windows: that elevates in the current console (no context switching to a new window), with a credentials cache (reduced UAC popups), and also elevates PowerShell commands.
It allows to elevate commands that require admin privileges, or the whole batch, if you want. Just prepend gsudo before anything that needs to run elevated.
Example batch file that elevates itself using gsudo:
EDIT: New one liner version that works with any windows language and avoids whoami issues:
net session >nul 2>nul & net session >nul 2>nul || gsudo "%~f0" && exit /b || exit /b
:: This will run as admin ::
Alternative (original version):
#echo off
rem Test if current context is already elevated:
whoami /groups | findstr /b BUILTIN\Administrators | findstr /c:"Enabled group" 1> nul 2>nul && goto :isadministrator
echo You are not admin. (yet)
:: Use gsudo to launch this batch file elevated.
gsudo "%~f0"
goto end
:isadministrator
echo You are admin.
echo (Do admin stuff now).
:end
Install:
via chocolatey: choco install gsudo
or scoop: scoop install gsudo
or grab it from github: https://github.com/gerardog/gsudo
See gsudo in action:
I recently needed a user-friendly approach and I came up with this, based on valuable insights from contributors here and elsewhere. Simply put this line at the top of your .bat script. Feedback welcome.
#pushd %~dp0 & fltmc | find "." && (powershell start '%~f0' ' %*' -verb runas 2>nul) && (popd & exit /b)
Intrepretation:
#pushd %~dp0 ensures a consistent working directory; supports UNC paths
& fltmc runs a native windows command that outputs an error when run unelevated
| find "." makes that error prettier, and causes nothing to output when elevated
&& ( if we successfully got an error because we're not elevated, do this...
powershell start invoke PowerShell and call the Start-Process cmdlet (start is an alias)
'%~f0' pass in the full path and name of this .bat file. Single quotes allow for spaces
' %*' pass in any and all arguments to this .bat file. Funky quoting and escape sequences probably won't work, but simple quoted strings should. The leading space is needed to prevent breaking things if no arguments are present
-verb runas don't just start the process... RunAs Administrator!
2>nul) discard PowerShell's unsightly error output if the UAC prompt is canceled/ignored
&& if we successfully invoked ourself with PowerShell, then...
NOTE: in the event we don't obtain elevation (user cancels UAC) then the && here allows the .bat to continue running without elevation, such that any commands that require it will fail but others will work just fine. If you want the script to simply exit instead of running unelevated, make this a single ampersand: &
(popd & exit /b) returns to the initial working directory on the command line and exits the initial .bat processing, because we don't need it anymore; we already have an elevated process running this .bat. The /b switch allows cmd.exe to remain open if the .bat was started from the command line – this has no effect if the .bat was double-clicked
When a CMD script needs Administrator rights and you know it, add this line to the very top of the script (right after any #ECHO OFF):
NET FILE > NUL 2>&1 || POWERSHELL -ex Unrestricted -Command "Start-Process -Verb RunAs -FilePath '%ComSpec%' -ArgumentList '/c \"%~fnx0\" %*'" && EXIT /b
The NET FILE checks for existing Administrator rights. If there are none, PowerShell starts the current script (with its arguments) in an elevated shell, and the non-elevated script closes.
If you don’t care about arguments then here’s a compact UAC prompting script that’s a single line long. It doesn’t pass arguments through since there’s no foolproof way to do that that handles every possible combination of poison characters.
net sess>nul 2>&1||(echo(CreateObject("Shell.Application"^).ShellExecute"%~0",,,"RunAs",1:CreateObject("Scripting.FileSystemObject"^).DeleteFile(wsh.ScriptFullName^)>"%temp%\%~nx0.vbs"&start wscript.exe "%temp%\%~nx0.vbs"&exit)
Paste this line under the #echo off in your batch file.
Explanation
The net sess>nul 2>&1 part is what checks for elevation. net sess is just shorthand for net session which is a command that returns an error code when the script doesn’t have elevated rights. I got this idea from this SO answer. Most of the answers here feature net file instead though which works the same. This command is fast and compatible on many systems.
The error level is then checked with the || operator. If the check succeeds then it creates and executes a WScript which re-runs the original batch file but with elevated rights before deleting itself.
Alternatives
The WScript file is the best approach being fast and reliable, although it uses a temporary file. Here are some other variations and their dis/ad-vantages.
PowerShell
net sess>nul 2>&1||(powershell saps '%0'-Verb RunAs&exit)
Pros:
Very short.
No temporary files.
Cons:
Slow. PowerShell can be slow to start up.
Spews red text when the user declines the UAC prompt. The PowerShell command could be wrapped in a try{...}catch{} to prevent this though.
Mshta WSH script
net sess>nul 2>&1||(start mshta.exe vbscript:code(close(Execute("CreateObject(""Shell.Application"").ShellExecute""%~0"",,,""RunAs"",1"^)^)^)&exit)
Pros:
Fast.
No temporary files.
Cons:
Not reliable. Some Windows 10 systems will block the script from running due to Windows Defender intercepting it as a potential trojan.
I pasted this in the beginning of the script:
:: BatchGotAdmin
:-------------------------------------
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\icacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo args = "" >> "%temp%\getadmin.vbs"
echo For Each strArg in WScript.Arguments >> "%temp%\getadmin.vbs"
echo args = args ^& strArg ^& " " >> "%temp%\getadmin.vbs"
echo Next >> "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", args, "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs" %*
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
pushd "%CD%"
CD /D "%~dp0"
:--------------------------------------
Although not directly applicable to this question, because it wants some information for the user, google brought me here when I wanted to run my .bat file elevated from task scheduler.
The simplest approach was to create a shortcut to the .bat file, because for a shortcut you can set Run as administrator directly from the advanced properties.
Running the shortcut from task scheduler, runs the .bat file elevated.
Using powershell.
If the cmd file is long I use a first one to require elevation and then call the one doing the actual work.
If the script is a simple command everything may fit on one cmd file. Do not forget to include the path on the script files.
Template:
#echo off
powershell -Command "Start-Process 'cmd' -Verb RunAs -ArgumentList '/c " comands or another script.cmd go here "'"
Example 1:
#echo off
powershell -Command "Start-Process 'cmd' -Verb RunAs -ArgumentList '/c "powershell.exe -NoProfile -ExecutionPolicy Bypass -File C:\BIN\x.ps1"'"
Example 2:
#echo off
powershell -Command "Start-Process 'cmd' -Verb RunAs -ArgumentList '/c "c:\bin\myScript.cmd"'"
One-liner batch user elevation (with arguments)
Here is my one-liner version for this age-old question of batch user elevation which is still relevant today.
Simply add the code to the top of your batch script and you're good to go.
Silent
This version does not output anything nor pause execution on error.
#setlocal disabledelayedexpansion enableextensions
#echo off
:: Admin check
fltmc >nul 2>nul || set _=^"set _ELEV=1^& cd /d """%cd%"""^& "%~f0" %* ^"&&((if "%_ELEV%"=="" ((powershell -nop -c start cmd -args '/d/x/s/v:off/r',$env:_ -verb runas >nul 2>nul) || (mshta vbscript:execute^("createobject(""shell.application"").shellexecute(""cmd"",""/d/x/s/v:off/r ""&createobject(""WScript.Shell"").Environment(""PROCESS"")(""_""),,""runas"",1)(window.close)"^) >nul 2>nul)))& exit /b)
Verbose
A verbose version which tells the user that admin privileges are being requested and pauses on error before exiting.
#setlocal disabledelayedexpansion enableextensions
#echo off
:: Admin check
fltmc >nul 2>nul || set _=^"set _ELEV=1^& cd /d """%cd%"""^& "%~f0" %* ^"&&((if "%_ELEV%"=="" (echo Requesting administrator privileges...&((powershell -nop -c start cmd -args '/d/x/s/v:off/r',$env:_ -verb runas >nul 2>nul) || (mshta vbscript:execute^("createobject(""shell.application"").shellexecute(""cmd"",""/d/x/s/v:off/r ""&createobject(""WScript.Shell"").Environment(""PROCESS"")(""_""),,""runas"",1)(window.close)"^) >nul 2>nul))) else (echo This script requires administrator privileges.& pause))& exit /b)
echo Has admin permissions
echo Working dir: "%cd%"
echo Script dir: "%~dp0"
echo Script path: "%~f0"
echo Args: %*
pause
Method of operation
Uses fltmc to check for administrator privileges. (system component, included in Windows 2000+)
If user already has administrator privileges, continues operation normally.
If not, spawns an elevated version of itself using either:
powershell (optional Windows feature, included in Windows 7+ by default, can be uninstalled/otherwise not available, can be installed on Windows XP/Vista)
mshta (system component, included in Windows 2000+)
If fails to acquire elevation, stops execution (instead of looping endlessly).
What sets this solution apart from others?
There are literally hundreds of variations around for solving this issue but everything I've found so far have their shortcomings and this is an attempt of solving most of them.
Compatibility. Using fltmc as the means of checking for privileges and either powershell or mshta for elevation works with every Windows version since 2000 and should cover most system configurations.
Does not write any extra files.
Preserves current working directory. Most of the solutions found conflate "script directory" with "working directory" which are totally different concepts. If you want to use "script directory" instead, replace %cd% with %~dp0. Some people advocate using pushd "%~dp0" instead so paths inside networked UNC paths like "\\SOMEONES-PC\share" will work but that will also automagically map that location to a drive letter (like Y:) which might or might not be what you want.
Stops if unable to acquire elevation. This can happen because of several reasons, like user clicking "No" on the UAC prompt, UAC being disabled, group policy settings, etc. Many other solutions enter an endless loop on this point, spawning millions of command prompts until the heat death of the universe.
Supports (most of) command-line arguments and weird paths. Stuff like ampersands &, percent signs %, carets ^ and mismatching amount of quotes """'. You still definitely CAN break this by passing a sufficiently weird combinations of those, but that is an inherent flaw of Windows' batch processing and cannot really be worked around to always work with any combination. Most typical use-cases should be covered though and arguments work as they would without the elevation script.
Known issues
If you enter a command-line argument that has a mismatched amount of double-quotes (i.e. not divisible by 2), an extra space and a caret ^ will be added as a last argument. For example "arg1" arg2" """" "arg3" will become "arg1" arg2" """" "arg3" ^. If that matters for your script, you can add logic to fix it, f.ex. check if _ELEV=1 (meaning that elevation was required) and then check if the last character of argument list is ^ and/or amount of quotes is mismatched and remove the misbehaving caret.
Example script for logging output to file
You cannot easily use > for stdout logging because on elevation a new cmd window is spawned and execution context switched.
You can achieve it by passing increasingly weird combinations of escape characters, like elevate.bat testarg ^^^> test.txt but then you would need to make it always spawn the new cmd window or add logic to strip out the carets, all of which increases complexity and it would still break in many scenarios.
The best and easiest way would be simply adding the logging inside your batch script, instead of trying to redirect from command line. That'll save you a lot of headache.
Here is an example how you can easily implement logging for your script:
#setlocal disabledelayedexpansion enableextensions
#echo off
:: Admin check
fltmc >nul 2>nul || set _=^"set _ELEV=1^& cd /d """%cd%"""^& "%~f0" %* ^"&&((if "%_ELEV%"=="" (echo Requesting administrator privileges...&((powershell -nop -c start cmd -args '/d/x/s/v:off/r',$env:_ -verb runas >nul 2>nul) || (mshta vbscript:execute^("createobject(""shell.application"").shellexecute(""cmd"",""/d/x/s/v:off/r ""&createobject(""WScript.Shell"").Environment(""PROCESS"")(""_""),,""runas"",1)(window.close)"^) >nul 2>nul))) else (echo This script requires administrator privileges.& pause))& exit /b)
set _log=
set _args=%*
if not defined _args goto :noargs
set _args=%_args:"=%
set _args=%_args:(=%
set _args=%_args:)=%
for %%A in (%_args%) do (if /i "%%A"=="-log" (set "_log=>> %~n0.log"))
:noargs
if defined _log (echo Logging to file %~n0.log) else (echo Logging to stdout)
echo Has admin permissions %_log%
echo Working dir: "%cd%" %_log%
echo Script dir: "%~dp0" %_log%
echo Script path: "%~f0" %_log%
echo Args: %* %_log%
echo Hello World! %_log%
pause
Run: logtest.bat -log
By adding argument -log , the output will be logged to a file instead of stdout.
Closing thoughts
It bewilders me how a simple "ELEVATE" instruction has not been introduced to batch even after 15 years of UAC existing. Maybe one day Microsoft will get their shit together. Until then, we have to resort to using these hacks.
Try this:
#echo off
CLS
:init
setlocal DisableDelayedExpansion
set cmdInvoke=1
set winSysFolder=System32
set "batchPath=%~0"
for %%k in (%0) do set batchName=%%~nk
set "vbsGetPrivileges=%temp%\OEgetPriv_%batchName%.vbs"
setlocal EnableDelayedExpansion
:checkPrivileges
NET FILE 1>NUL 2>NUL
if '%errorlevel%' == '0' ( goto gotPrivileges ) else ( goto getPrivileges )
:getPrivileges
if '%1'=='ELEV' (echo ELEV & shift /1 & goto gotPrivileges)
ECHO.
ECHO Set UAC = CreateObject^("Shell.Application"^) > "%vbsGetPrivileges%"
ECHO args = "ELEV " >> "%vbsGetPrivileges%"
ECHO For Each strArg in WScript.Arguments >> "%vbsGetPrivileges%"
ECHO args = args ^& strArg ^& " " >> "%vbsGetPrivileges%"
ECHO Next >> "%vbsGetPrivileges%"
if '%cmdInvoke%'=='1' goto InvokeCmd
ECHO UAC.ShellExecute "!batchPath!", args, "", "runas", 1 >> "%vbsGetPrivileges%"
goto ExecElevation
:InvokeCmd
ECHO args = "/c """ + "!batchPath!" + """ " + args >> "%vbsGetPrivileges%"
ECHO UAC.ShellExecute "%SystemRoot%\%winSysFolder%\cmd.exe", args, "", "runas", 1 >> "%vbsGetPrivileges%"
:ExecElevation
"%SystemRoot%\%winSysFolder%\WScript.exe" "%vbsGetPrivileges%" %*
exit /B
:gotPrivileges
setlocal & cd /d %~dp0
if '%1'=='ELEV' (del "%vbsGetPrivileges%" 1>nul 2>nul & shift /1)
REM Run shell as admin (example) - put here code as you like
ECHO %batchName% Arguments: P1=%1 P2=%2 P3=%3 P4=%4 P5=%5 P6=%6 P7=%7 P8=%8 P9=%9
cmd /k
If you need information on that batch file, run the HTML/JS/CSS Snippet:
document.getElementsByTagName("data")[0].innerHTML="ElevateBatch, version 4, release<br>Required Commands:<ul><li>CLS</li><li>SETLOCAL</li><li>SET</li><li>FOR</li><li>NET</li><li>IF</li><li>ECHO</li><li>GOTO</li><li>EXIT</li><li>DEL</li></ul>It auto-elevates the system and if the user presses No, it just doesn't do anything.<br>This CANNOT be used to create an Elevated Explorer.";
data{font-family:arial;text-decoration:none}
<data></data>
%1 start "" mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c pushd ""%~dp0"" && ""%~s0"" ::","","runas",1)(window.close)&&exit
Following solution is clean and works perfectly.
Download Elevate zip file from https://www.winability.com/download/Elevate.zip
Inside zip you should find two files: Elevate.exe and Elevate64.exe. (The latter is a native 64-bit compilation, if you require that, although the regular 32-bit version, Elevate.exe, should work fine with both the 32- and 64-bit versions of Windows)
Copy the file Elevate.exe into a folder where Windows can always find it (such as C:/Windows). Or you better you can copy in same folder where you are planning to keep your bat file.
To use it in a batch file, just prepend the command you want to execute as administrator with the elevate command, like this:
elevate net start service ...