I'm working on a PowerShell script that includes a GUI with multiple buttons and textboxes. Users will interact with it to execute some external executables located in the same folder. The problem is that these executables require admin rights to run, and since the users don't have those rights, I need a way for them to run this GUI application with elevated privileges without granting them full admin access. Is there a method to achieve this?
4 Answers
I actually put together a detailed script that handles the execution of elevated commands from a user script. It involves creating a scheduled task with the highest privileges that runs the intended PowerShell script. If you're interested, I can share the details!
Another approach would be to hijack the parent process and run your PowerShell script as a child of that process. This could give you control over the elevation.
Unfortunately, you can't give admin privileges to just the script without exposing the underlying system. It's crucial to determine why admin rights are necessary for your executables. Once you find the exact permissions they're needing, you might be able to modify them to avoid requiring admin rights altogether, like adjusting folder permissions or registry access.
You can use the command `Start-Process powershell -Verb runAs -ArgumentList '-File "C:PathToYourScript.ps1"'`. However, this effectively runs the whole script as admin, which might not be what you want. If there are specific actions that need to run elevated, consider executing only those actions with elevated privileges.
Right, but we need to balance functionality and security, right? Maybe we can throw some scheduled tasks into the mix? That way, admin rights are rolled out to specific tasks instead of the whole script.