[Question] Best Admin Request Solution?

Discussion in 'Scripting' started by NormieLyfe, Nov 8, 2017.

Tags:
  1. NormieLyfe

    NormieLyfe MDL Novice

    May 1, 2017
    37
    33
    0
    Hey MDL, I was wondering what's the best Admin request solution because the code that i use works for my PC and others but some it doesn't, it closes once clicked

    here's what I used. I added something incase the cscript won't work
    Code:
    :CheckAdminRights
    set runAdmin="%temp%\GetAdmin.vbs"
    net session >nul 2>&1 || (
        title Requesting Admin Privileges
        (echo Set UAC = CreateObject^("Shell.Application"^) & echo UAC.ShellExecute "%~f0", "", "", "runas", 1)> %runAdmin%
        cscript //nologo %runAdmin% && (del /f /q %runAdmin%>nul 2>&1 & exit) || (echo Right-click, Run as Administrator & pause & exit)
    )
    
    EDIT: Also I sort of made a script that enables "Windows Script Host" if it is disabled base from this Link "Windows Script Host access is disabled on this machine, Contact your administrator for details"

    Code:
    :CheckScriptHost
    set "RegKey=HKLM\Software\Microsoft\Windows Script Host\Settings"
    reg query "%RegKey%" /v "Enabled" | findstr /i "0x1">nul 2>&1 || (reg add "%RegKey%" /f /v "Enabled" /t REG_DWORD /d "1">nul 2>&1 && goto CheckScriptHost)
    
    I wanted to verify if that works or not
     
  2. GodHand

    GodHand MDL Senior Member

    Jul 15, 2016
    400
    444
    10
    Yeah I know this is PowerShell, but one of my functions I use regularly:

    Code:
    Function Verify-Admin
    {
       [CmdletBinding()]
       Param ()
       $CurrentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
       $isAdmin = $CurrentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
       Write-Verbose "isUserAdmin? $isAdmin" -Verbose
       Return $isAdmin
    }
    
    Then it can be used anywhere within the script like so... Here it checks if the user executing the script returns a $null for the Verify-Admin function. If $null is returned, it writes a warning and then breaks the script.

    Code:
    If (!(Verify-Admin))
    {
       Write-Warning -Message "Administrative access is required to run $Script. Please re-launch PowerShell with elevation and re-run $Script."
       Break
    }
    
     
  3. abbodi1406

    abbodi1406 MDL KB0000001

    Feb 19, 2011
    8,392
    28,870
    270
    I generally do not like auto-elevating scripts :D
    specially if they affect system (e.g activation)

    the codes i have seen or used:

    VBS
    Code:
    set "params=%*"
    cd /d "%~dp0" && ( if exist "%temp%\getadmin.vbs" del "%temp%\getadmin.vbs" ) && fsutil dirty query %systemdrive% 1>nul 2>nul || (  cmd /u /c echo Set UAC = CreateObject^("Shell.Application"^) : UAC.ShellExecute "cmd.exe", "/k cd ""%~sdp0"" && %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs" && "%temp%\getadmin.vbs" && exit /B )
    Code:
    fltmc >nul 2>&1 || (
      cmd /u /c echo Set UAC = CreateObject^("Shell.Application"^) : UAC.ShellExecute "%~f0", "", "", "runas", 1 > "%temp%\GetAdmin.vbs"
      cscript //nologo "%temp%\GetAdmin.vbs"
      del /f /q "%temp%\GetAdmin.vbs" >nul 2>&1
      exit
    )
    Code:
    fltmc >nul 2>&1 || (
      echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\GetAdmin.vbs"
      echo UAC.ShellExecute "%~f0", "", "", "runas", 1 >> "%temp%\GetAdmin.vbs"
      cmd /u /c type "%temp%\GetAdmin.vbs">"%temp%\GetAdminUnicode.vbs"
      cscript //nologo "%temp%\GetAdminUnicode.vbs"
      del /f /q "%temp%\GetAdmin.vbs" >nul 2>&1
      del /f /q "%temp%\GetAdminUnicode.vbs" >nul 2>&1
      exit
    )
    PS
    Code:
    (cd /d "%~dp0")&&(NET FILE||(powershell start-process -FilePath '%0' -verb runas)&&(exit /B)) >NUL 2>&1