Showing the UAC prompt in PowerShell if the action requires elevation

Question

I have a simple PowerShell script to stop a process:

$p = get-process $args
if ( $p -ne $null )
{
$p | stop-process
$p | select ProcessName, ID, HasExited, CPU, Handles
}
else { "No such process" }

If I try to stop a process not started by the current user; it works on Windows Server 2003. However, on Windows Server 2008 (and other Windows flavours with User Account Control), I get the following error:

Stop-Process : Cannot stop process "w3wp (5312)" because of the following error: Access is denied

Is there any way to get around this without running PowerShell with elevated privileges ? It would be OK if the user was just presented with the UAC prompt, whenever he tries to execute an action, that requires elevation.

score 21 · Accepted Answer · answered Oct 14 '09 at 15:18

AFAIK, there is no way to do it in the sense that you seem to want. That is running a specified .exe and expecting a prompt to appear immediately.

What I do is for commands that I know have to be run with administrative privs, I run them with a functions I have laying around called Invoke-Admin. It ensures that I'm running as admin and will prompt the user with the UAC dialog if i'm not before running the command.

Here it is

function Invoke-Admin() {
    param ( [string]$program = $(throw "Please specify a program" ),
            [string]$argumentString = "",
            [switch]$waitForExit )

    $psi = new-object "Diagnostics.ProcessStartInfo"
    $psi.FileName = $program 
    $psi.Arguments = $argumentString
    $psi.Verb = "runas"
    $proc = [Diagnostics.Process]::Start($psi)
    if ( $waitForExit ) {
        $proc.WaitForExit();
    }
}

Right, how to put standard output & error output into current command prompt flux? — MUY Belgium, Nov 26 '14 at 14:29

Jonathan · Answer 2 · 2016-02-23T20:15:14.233

3

First install PowerShell Community Extensions choco install pscx via Chocolatey (you may have to restart your shell environment)

then enable pscx

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser #allows scripts to run from the interwebs, such as pcsx

Then use Invoke-Elevated, for example

Invoke-Elevated {Add-PathVariable $args[0] -Target Machine} -ArgumentList $MY_NEW_DIR

edited Feb 23 '16 at 20:15

answered Feb 18 '15 at 23:57

Jonathan

6,741
7
52
69

Where the heck did you find "Invoke-Elevated". There is no such command unless this a function you wrote. Am I wrong? – Habanagold Feb 23 '16 at 18:45
Did you install and enable PSCX? that is part of PSCX, see http://stackoverflow.com/a/8703862/1689770 – Jonathan Feb 23 '16 at 20:13
thanks, just typed Install-Package -Name pscx -Source psgallery and it works! would be just nicer if it doesn't fires up a different console but elevates the current console, anyway i think this is something that depends on how Windows manages the processes.... – Mosè Bottacini Jun 15 '17 at 13:01

score -1 · Answer 3 · answered Jan 19 '15 at 09:34

-1

This script sectio check for the Medium Mandatory level token (non elevated admin) and restarts the script elevated.

if ($Mygroups -match ".*Mandatory Label\\Medium Mandatory Level") {
  #non elevated admin: elevating
  write-host "Elevate"
  start-process powershell -Argumentlist "$PSCommandPath  -Yourargument $Youragumentvalue" -verb runas -Wait 
  exit
}

answered Jan 19 '15 at 09:34

SenneVL

1

Where does $myGroups come from? – swe May 20 '19 at 16:11

Showing the UAC prompt in PowerShell if the action requires elevation

3 Answers3

Linked