Scribd
Upload
24 views3 pages

Windows Powershell Admin

The document provides a PowerShell script to check if the current user has administrative privileges and relaunches the script with elevated permissions if not. It also explains how to create a batch file that runs the PowerShell script with administrative rights and details the steps involved. Additionally, it includes methods for starting an elevated PowerShell process and securely storing credentials for future use.

Uploaded by

SG
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
24 views3 pages

Windows Powershell Admin

The document provides a PowerShell script to check if the current user has administrative privileges and relaunches the script with elevated permissions if not. It also explains how to create a batch file that runs the PowerShell script with administrative rights and details the steps involved. Additionally, it includes methods for starting an elevated PowerShell process and securely storing credentials for future use.

Uploaded by

SG
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd

# Get the ID and security principal of the current user account

$myWindowsID = [[Link]]::GetCurrent();
$myWindowsPrincipal = New-Object
[Link]($myWindowsID);

# Get the security principal for the administrator role


$adminRole = [[Link]]::Administrator;

# Check to see if we are currently running as an administrator


if ($[Link]($adminRole))
{
# We are running as an administrator, so change the title and background colour
to indicate this
$[Link] = $[Link] + "(Elevated)";
$[Link] = "DarkBlue";
Clear-Host;
}
else {
# We are not running as an administrator, so relaunch as administrator

# Create a new process object that starts PowerShell


$newProcess = New-Object [Link] "PowerShell";

# Specify the current script path and name as a parameter with added scope and
support for scripts with spaces in it's path
$[Link] = "& '" + $script:[Link] + "'"

# Indicate that the process should be elevated


$[Link] = "runas";

# Start the new process


[[Link]]::Start($newProcess);

# Exit from the current, unelevated, process


Exit;
}

# Run your code that needs to be elevated here...

Write-Host -NoNewLine "Press any key to continue...";


$null = $[Link]("NoEcho,IncludeKeyDown");
===================================================================================
==================================

34

You can create a batch file (*.bat) that runs your powershell script with
administrative privileges when double-clicked. In this way, you do not need to
change anything in your powershell [Link] do this, create a batch file with the
same name and location of your powershell script and then put the following content
in it:

@echo off

set scriptFileName=%~n0
set scriptFolderPath=%~dp0
set powershellScriptFileName=%scriptFileName%.ps1

powershell -Command "Start-Process powershell \"-ExecutionPolicy Bypass -NoProfile


-NoExit -Command `\"cd \`\"%scriptFolderPath%`\"; & \`\".\%powershellScriptFileName
%\`\"`\"\" -Verb RunAs"

That's it!

Here is the explanation:

Assuming your powershell script is in the path C:\Temp\ScriptTest.ps1, your batch


file must have the path C:\Temp\[Link]. When someone execute this batch
file, the following steps will occur:

The cmd will execute the command

powershell -Command "Start-Process powershell \"-ExecutionPolicy Bypass -


NoProfile -NoExit -Command `\"cd \`\"C:\Temp\`\"; & \`\".\ScriptTest.ps1\`\"`\"\" -
Verb RunAs"

A new powershell session will open and the following command will be executed:

Start-Process powershell "-ExecutionPolicy Bypass -NoProfile -NoExit -Command


`"cd \`"C:\Temp\`"; & \`".\ScriptTest.ps1\`"`"" -Verb RunAs

Another new powershell session with administrative privileges will open in the
system32 folder and the following arguments will be passed to it:
-ExecutionPolicy Bypass -NoProfile -NoExit -Command "cd \"C:\Temp\"; & \".\
ScriptTest.ps1\""

The following command will be executed with administrative privileges:

cd "C:\Temp"; & ".\ScriptTest.ps1"

Once the script path and name arguments are double quoted, they can contain
space or single quotation mark characters (').

The current folder will change from system32 to C:\Temp and the script
ScriptTest.ps1 will be executed. Once the parameter -NoExit was passed, the window
wont be closed, even if your powershell script throws some exception.

===================================================================================
==================================================================

You can start a new, elevated PowerShell process to run your script e.g.:

Start-Process PowerShell -verb runas -ArgumentList '-noexit','-File','path-to-


script'

If you don't want the PowerShell window to hang around then get rid of the '-
noexit' but for debugging the launch of your script, it is useful.

If you had access to an admin account username/password, you could do this:

# Capture encrypted password once and store to file


$passwd = Read-Host "Enter password" -AsSecureString
$encpwd = ConvertFrom-SecureString $passwd
$encpwd > $path\[Link]

# Afterwards always use this to start the script


$encpwd = Get-Content $path\[Link]
$passwd = ConvertTo-SecureString $encpwd
$cred = new-object [Link] 'domain\username',
$passwd
Start-Process PowerShell -Cred $cred -ArgumentList '-noexit','-File','path-to-
script'

You might also like