111

On my Windows 7 Desktop, I have script.ps1, which needs admin privileges (it starts a service). I want to click on this script and run it with admin privileges.

What's the easiest way to accomplish this?

Sajee
  • 6,869

10 Answers10

94

Here is one way of doing it, with the help of an additional icon on your desktop. I guess you could move the script someone else if you wanted to only have a single icon on your desktop.

  1. Create a shortcut to your Powershell script on your desktop
  2. Right-click the shortcut and click Properties
  3. Click the Shortcut tab
  4. In the Target: section, make sure you specify powershell.exe -f before your script path. This will enable Run as Administrator option in the Advanced... Tab.
  5. Click Apply
  6. Click Advanced
  7. Select Run as Administrator

You can now run the script elevated by simple double-clicking the new shortcut on your desktop.

Scott Forbes
  • 3
Kez
  • 16,911
59

On UAC-enabled systems, to make sure a script is running with full admin privileges, add this code at the beginning of your script:

param([switch]$Elevated)

function Test-Admin {
    $currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
    $currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
}


if ((Test-Admin) -eq $false)  {
    if ($elevated) {
        # tried to elevate, did not work, aborting
    } else {
        Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))
    }
    exit
}


'running with full privileges'

Now, when running your script, it will call itself again and attempt to elevate privileges before running. The -elevated switch prevents it from repeating if something fails.

You may remove the -noexit switch if the terminal should automatically close when the script finishes.

xeruf
  • 188
MDMoore313
  • 6,336
18

if you are in the same powershell you could do this:

Start-Process powershell -verb runas -ArgumentList "-file fullpathofthescript"
mjsr
  • 6,778
6

In addition to MDMoore313's answer above:

If we want to execute the commands in the same working directory as we are currently in, we have to add a few things:

#### START ELEVATE TO ADMIN #####
param(
    [Parameter(Mandatory=$false)]
    [switch]$shouldAssumeToBeElevated,

[Parameter(Mandatory=$false)]
[String]$workingDirOverride



)


If parameter is not set, we are propably in non-admin execution. We set it to the current working directory so that


the working directory of the elevated execution of this script is the current working directory


if(-not($PSBoundParameters.ContainsKey('workingDirOverride')))
{
    $workingDirOverride = (Get-Location).Path
}


function Test-Admin {
    $currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
    $currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
}


If we are in a non-admin execution. Execute this script as admin


if ((Test-Admin) -eq $false)  {
    if ($shouldAssumeToBeElevated) {
        Write-Output "Elevating did not work :("


} else {
    #                                                         vvvvv add `-noexit` here for better debugging vvvvv 
    Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -file "{0}" -shouldAssumeToBeElevated -workingDirOverride "{1}"' -f ($myinvocation.MyCommand.Definition, "$workingDirOverride"))
}
exit



}


Set-Location "$workingDirOverride"


END ELEVATE TO ADMIN


Add actual commands to be executed in elevated mode here:


Write-Output "I get executed in an admin PowerShell"
Jonas Taulien
  • 61
4

Since it's sitting onto your desktop, I'd say the most effortless way to get this done is dragging it onto the elevation gadget.

Otherwise you could make a separate script using the elevate command on your ps1 script.

Or, you could apply elevate just to the service-starting bit.

badp
  • 3,797
1

PowerShell ISE lives at %windir%\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe. You can right-click that and select "Run as administrator" and run the script from in there.

You can also find it under the Windows Logo > All Programs > Accessories > Windows PowerShell and do the same thing with those shortcuts.

vapcguy
  • 121
0

If you want an option to launch a Powershell script as adminstrator, directly from the Explorer context-menu, see section 2 of my answer here: https://stackoverflow.com/a/57033941/2441655

Venryx
  • 394
  • 3
  • 10
0

The previous answers only tells you if the script is running from an admin. If starting the same script with elevated privileges, the user is still not admin.

A parameter which can be used to determine this is the following :

if (($myinvocation.UnboundArguments.Contains("-elevated")) -or ($testadmin -eq $true)) {
   #Good to go with Admin rights

} else {
    #Start with elevated privs


}

I've not been able to find a parameter that detects the Powershell environment has been started with Admin privileges.

JFH
  • 1
-1
sudo

Why does it have to take 30+ lines of code to do what 4 characters do?

So here, write a .bat file to invoke your script, in it use the:

Start-Process powershell.exe -Verb RunAs
Max Haase
  • 143
-2

Add this to the beginning of the script:

$currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
$testadmin = $currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
if ($testadmin -eq $false) {
Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))
exit $LASTEXITCODE
}
Anthony
  • 7