Bypass UAC and Elevate Permissions of Scripts (RunAs Administrator) at the Command Line

Mike Murgolo from Microsoft MCS released some great UAC scripting power tools to help scripting tools get around UAC security prompts.

Also check out his other other Vista UAC Tools like Kixtart/AutoIT UAC elevation addons, a RunAs GUI, and other tools.

Elevate Command PowerToy.

This tool (which consists of the files ElevateCommand.inf, elevate.cmd, and elevate.vbs) adds an elevate command to your system. This lets you launch applications that prompt for elevation from the command line, a script, or the Run dialog. For example, the following command opens Win.ini with Notepad (after prompting for elevation):

elevate notepad c:\Windows\Win.ini

When using the elevate command with Windows Script Host (WSH), Windows PowerShell™ or other scripts, you need to specify the script host executable (such as wscript, cscript, or powershell) as the application. To run a vbs, for example, you’d use this:

elevate wscript “C:\windows\system32\ slmgr.vbs” –dli

Run as Administrator for Scripts

The next irritant was that there was no “Run as Administrator” context menu option (when you right-click on the file in Explorer) for most Windows script types. The one exception was for command-shell scripts (those with .bat and .cmd file extensions). So I set out to investigate this. Many of the context menu options for file types are controlled through command keys for the “object” type in the HKEY_CLASSES_ROOT section of the Registry (see Verbs and File Associations in the sidebar for details). It turns out that if that command key is named runas, the command invoked will prompt for elevation. This allowed me to create the following PowerToys:

  • Elevate HTML Application PowerToy (ElevateHTA.inf)
  • Elevate Windows PowerShell Script PowerToy (ElevatePowerShellScript.inf)
  • Elevate WSH Script PowerToy (ElevateWSHScript.inf, elevate.cmd, elevate.vbs)

These PowerToys add a Run as Administrator Explorer context menu entry (as shown in Figure 1) for HTAs, Windows PowerShell, and Windows Script Host file types respectively. ElevateWSHScript.inf also adds a Run as Administrator with Command Prompt menu entry. (Please read the note in ElevatePowerShellScript.inf before installing it.)

Figure 1 Run as Administrator context menu options (Click the image for a larger view)

If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.
 
Comments

No comments yet.

Leave a Reply

You must be logged in to post a comment.

 
Call Agile IT Now

(619) 292-0800

×
Visit Agile IT
Agile IT Office


Agile IT Headquarters
West Coast Sales Office
4660 La Jolla Village Drive, Suite 500
San Diego, CA 92122

Directions >


Network Operations & Support Center
4891 Pacific Highway, Suite 105
San Diego, CA, 92110

Directions >


North East Sales Office
250 Pehle Avenue, Suite 200
Saddle Brook, New Jersey


South East Sales Office
2202 N. West Shore Blvd
Tampa, Florida


Midwest Sales Office
60 E. Rio Salado Parkway, Suite 900
Tempe, Arizona
×
Intune Webcast by Agile IT

×
Intune Subscription Pricing

×
This Guy That Guy - Microsoft InTune Lighter Side

×
Compare Office 365 Subscription Pricing

×
Office 365 Webcast by Agile IT

×
Office 365 Success Stories

Microsoft Office 365 is at the forefront of productivity. For organizations of all sizes, Office 365 unites the familiar Microsoft Office desktop applications with the power of our most trusted productivity servers, into one connected online solution. No matter if you’re an entrepreneur just starting out or a multinational corporation connecting your employees across the globe, the best productivity tools are at your fingertips.

State of Minnesota – The executive branch of the State of Minnesota is made up of more than 70 agencies and employs 35,000 people. The State Office of Enterprise Technology (OET) provides services that improve government through the effective use of information technology. In 2010, OET decided to move the entire executive branch to the cloud-based services of Microsoft Office 365. With a hosted enterprise solution, IT staff can provide a highly reliable and secure platform while decreasing administration and costs.

Click here
to view case study.

Patagonia – Patagonia, a global provider of outdoor apparel and gear wanted a new solution for unified communications to help employees around the world work better together. The IT staff also needed to upgrade its aging messaging solution. Based on a pilot test of Office 365, Patagonia expects employees to communicate more effectively and make better design decisions. Patagonia also believes Office 365 will help it reduce IT costs, improve business continuity, and support its environmental initiatives.

Click here
to view case study.

Imagination Yoga – Imagination Yoga, which brings the benefits of yoga to children’s classrooms, struggled with communication among its owners. By adopting Microsoft Office 365, the company gained mobile access to email and calendar information, shared workspaces, and a centralized document repository. Imagination Yoga now runs more efficiently, can be more responsive, and is able to better focus on its mission to bring yoga to more children.

Click here
to view case study.

Traveler’s Haven - Travelers Haven is growing rapidly and wants to better coordinate employee activities. The company is testing Microsoft Office 365 and already finds it exceptionally useful in improving efficiency and communicating with remote employees. Once the whole staff is using Office 365, Travelers Haven expects to save 30 hours a day, avoid U.S.$100,000 annually in IT costs, and feel comfortable opening new offices around the United States.

Click here
to view case study

×
Intune Deep Dive

×
Active Directory (AD)
Active Directory (AD) is a directory service created by Microsoft for Windows domain networks. It is included in most Windows Server operating systems.
An AD domain controller authenticates and authorizes all users and computers in a Windows domain type network—assigning and enforcing security policies for all computers and installing or updating software.
×
SAML Endpoints
SAML 2.0 is a standard which ensures interoperability across identity providers and gives enterprises the freedom to choose a cloud providers without needing to worry about additional management.
Many Cloud services are SAML Endpoints. Some of the most well-known are are:
  • Google
  • Yahoo
  • Salesforce.com
  • Remedy
  • ZenDesk
  • Zoho
  • Zimbra
  • CIsco Webex
  • Box.com

and many more.

×