Batch Script to Run as Administrator

Question

I\'m writing a client/server checking program but it needs to run as Administrator.

I want this to run silently on my network and users, and I don\'t want the \"Run

Answer 1

Solutions that did not work

No: The - create a shortcut [ -> Compatibility -> "run this program as an administrator" ] solution does not work.

This option is greyed out in Windows 7. Even with UAC disabled

No: The runas /env /user:domain\Administrator <program.exe/command you want to execute> is also not sufficient because it will prompt the user for the admin password.

Solution that worked

Yes: Disable UAC -> Create a job using task scheduler, this worked for me.

• Create a job under task scheduler and make it run as a user with administrator permissions.
• Explicitly mark: "Run with highest privileges"
• Disable UAC so there will be no prompt to run this task

You can let the script enable UAC afterwards by editing the registry if you would want. In my case this script is ran only once by creation of a windows virtual machine, where UAC is disabled in the image.

Still looking forward for the best approach for a script run as admin without too much hassle.

Answer 2

I made this slight modification to Matt's script to enable it to run from within a single script (just add this to the beginning of any script requiring UAC invocation), but read below the code for an even better solution that I've found on a blog:

:: ### START UAC SCRIPT ###

if "%2"=="firstrun" exit
cmd /c "%0" null firstrun

if "%1"=="skipuac" goto skipuacstart

:checkPrivileges
NET FILE 1>NUL 2>NUL
if '%errorlevel%' == '0' ( goto gotPrivileges ) else ( goto getPrivileges )

:getPrivileges
if '%1'=='ELEV' (shift & goto gotPrivileges)

setlocal DisableDelayedExpansion
set "batchPath=%~0"
setlocal EnableDelayedExpansion
ECHO Set UAC = CreateObject^("Shell.Application"^) > "%temp%\OEgetPrivileges.vbs"
ECHO UAC.ShellExecute "!batchPath!", "ELEV", "", "runas", 1 >> "%temp%\OEgetPrivileges.vbs"
"%temp%\OEgetPrivileges.vbs"
exit /B

:gotPrivileges

setlocal & pushd .

cd /d %~dp0
cmd /c "%0" skipuac firstrun
cd /d %~dp0

:skipuacstart

if "%2"=="firstrun" exit

:: ### END UAC SCRIPT ###

:: ### START OF YOUR OWN BATCH SCRIPT BELOW THIS LINE ###

My modification uses two file arguments as you can see, which isn't particularly elegant but does the job (and you can always hide them away at the tail end by reserving the first few arguments using dummy placeholders). Additionally, AFAIK Matt's script doesn't support spaces in file paths and this limitation also applies to my modification of this script.

This issue seems to be inherent in the way VBS handles these paths but on the below link there's an even better VBS-based solution for invoking UAC that runs from within a single script without the need for a workaround like this using file arguments and that also supports spaces in file paths:

http://pcloadletter.co.uk/2012/12/11/uac-elevation-for-batch-script/

The script on this link makes slightly different VBS calls as you'll notice, which for some reason circumvents the issue with spaces.

Answer 3

@echo off

 call :isAdmin

 if %errorlevel% == 0 (
    goto :run
 ) else (
    echo Requesting administrative privileges...
    goto :UACPrompt
 )

 exit /b

 :isAdmin
    fsutil dirty query %systemdrive% >nul
 exit /b

 :run
  <YOUR BATCH SCRIPT HERE>
 exit /b

 :UACPrompt
   echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
   echo UAC.ShellExecute "cmd.exe", "/c %~s0 %~1", "", "runas", 1 >> "%temp%\getadmin.vbs"

   "%temp%\getadmin.vbs"
   del "%temp%\getadmin.vbs"
  exit /B`

Answer 4

You have a couple options.

1. If you need to do it using only a batch file and native commands, check out How can I auto-elevate my batch file, so that it requests from UAC admin rights if required?.

2. If 3rd-party utilities are an option, you can use a tool like Elevate. It is an executable that you call with the program you want to run elevated as a parameter.
   Like this: elevate net share ....

Answer 5

You could put it as a startup item... Startup items don't show off a prompt to run as an administrator at all.

Check this article Elevated Program Shortcut Without UAC rompt

Answer 6

If all above answers is not to your liking you can use autoIT to run your file (or what ever file) as a specific user with their credentials.

Sample of a script that will run a program using that users privelages.

installAdmin()

Func installAdmin()
    ; Change the username and password to the appropriate values for your system.
    Local $sUserName = "xxxxx"
    Local $sPassword = "xxx"
    Local $sDirectory = "C:\ASD4VM\Download\"
    Local $sFiletoRun = "Inst_with_Privileges.bat"

    RunAsWait($sUserName, @ComputerName, $sPassword, 0, $sDirectory & $sFiletoRun)
EndFunc   ;==>Example

AutoIT can be found here. -> It uses a .ua3 format that is compiled to a .exe file that can be run.