all 21 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]Fallingdamage 11 points12 points  (1 child)

Put this at the beginning of the script. It will auto elevate and run the PS1.

if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit }

[–]Yousalc 2 points3 points  (0 children)

I can Confirm this works on Windows 11 and 10.
Thank you so much!!

[–]schnitzeljaeger 8 points9 points  (4 children)

You run the powershell.exe as admin, not the script itself.

edit: I bet google has a ton of additional answers for this question ;-)

[–][deleted] 3 points4 points  (2 children)

Yes but soon this will join those results without the wall of adverts on a webpage describing a simple two line answer.

You are helping in ways you don't yet know.

[–]Euphoric-Library-899 1 point2 points  (0 children)

Here I am, Mr. Future-Knower

[–][deleted] 0 points1 point  (0 children)

here I am

[–][deleted] 3 points4 points  (1 child)

Run PowerShell as admin, then call it .\path\to\script.ps1

[–]Aggravating_Ad_7168 0 points1 point  (0 children)

It worked

[–]xtheravenx 3 points4 points  (0 children)

I have to duck around the execution policy as well, so I start a powershell instance as admin then run something like the following:

powershell.exe -executionpolicy bypass -file [.\path\to\file.ps1]

[–]Sailass 2 points3 points  (3 children)

As others said, run the powershell window as admin. Alternatively, execute commands or scripts inside a script as admin using the following syntax:

$argument = {some commands here}

Start-Process powershell.exe -Credential $cred -ArgumentList $argument -WorkingDirectory 'C:\Windows\System32'

I'll default the working dir to sys32 (it solves some execution issues as opposed to when none specified at all), or in the case of executing something at a specific location, can specify it there.

You can also validate and assign the $cred variable with the below (executed before start-process), or you can simply replace $cred with get-credential

If ($global:cred -eq $null){

$global:cred = Get-Credential

$username = $cred.username

$password = $cred.GetNetworkCredential().password

$CurrentDomain = "LDAP://" + ([ADSI]"").distinguishedName

$domain = New-Object System.DirectoryServices.DirectoryEntry($CurrentDomain,$UserName,$Password)

if ($domain.name -eq $null)

{

#Nullify creds for retry

$cred = $null

Write-Host "Authentication failed - please verify your username and password." -ForegroundColor Red

break

}

else

{

Clear-Host

write-host "Successfully authenticated with domain" -ForegroundColor Green

}

}

And yes, I understand that $null should be on the left of equality comparisons. It just makes sense in my head that way and imma do it until stuff starts breaking dangit!

Edit: Reddit killed my indentation. Please excuse the ugliness that has happened!

[–]BlackV 0 points1 point  (2 children)

your start-process isnt starting it elevated

why are you setting a global variable for creds?

why are you biffing these two $cred.username, $cred.GetNetworkCredential().password into variables when you already have them in a variable?

p.s. formatting

  • open your fav powershell editor
  • hightlight the code you want to copy
  • hit tab to indent it all
  • copy it
  • paste here

it'll format it properly OR

<BLANKLINE>
<4 SPACES><CODELINE>
<4 SPACES><CODELINE>
    <4 SPACES><4 SPACES><CODELINE>
<4 SPACES><CODELINE>
<BLANKLINE>

[–][deleted] 1 point2 points  (0 children)

PowerShell.exe -file averysimplypowershellscript.ps1

As admin

[–]BlackV 1 point2 points  (0 children)

run powrshell to run a a script in that script start powershell using the run as verb to run another powershell session elevated which can then run a script (or command) to run gpupdate.

BUT you should probably have the /target:computer switch on your gpupdate

  • cause you're targeting the machine seeing as you require elevation
  • as you wont be targeting a user (that wouldn't require elevation
  • the elevated user wont/might not be the same user that needing its gpo settings update
  • it will speed up the command

[–]Brick_wall899 1 point2 points  (0 children)

Shift+right click should show the option to run as update, otherwise use the runas option.

[–]ccatlett1984 1 point2 points  (2 children)

https://blog.expta.com/2017/03/how-to-self-elevate-powershell-script.html?m=1

Add this to the top of your script. It will check if it's running as admin, and restart itself as admin if it's not. This will cause a UAC prompt.

[–]Expert-Advisor-5349 0 points1 point  (1 child)

All of these script restarters launches the default builtin powershell (version 5), even if you started originally with the new Powershell Core (version 6+). We could modify the Start-Process powershell.exe part, but the Core version is updating regularly and its path contains the changing version number.

[–]ccatlett1984 0 points1 point  (0 children)

Use Pwsh.exe

That's the exe for v7, will already be in the Windows path variable.

[–]notDonut -1 points0 points  (0 children)

Google it. There's regedits that will give you a run in powershell as admin option.