No admin/elevated privileges in PowerShell on Azure VM

I have set up an Azure VM with Windows 10 Pro for our custom DevOps build Agent. The user that I've created is Administrator and is in the Administrators group too.

However, if I do:

  1. RDP to VM via that user with admin privileges
  2. Run PowerShell (not with Administrator privileges)
  3. Try to run e.g. Import-Certificate command

In PowerShell, I get an Access Denied error.

Is there any chance that all my PowerShell instances will automatically have admin privileges?

The solution would serve for that hosted DevOps Agent. Now I am not able to run any script in our DevOps pipeline which would eventually need admin privileges.


So I figured it out without any third-party tool.

The original command for starting the custom build agent was:

C:\windows\system32\cmd.exe /D /S /C start "Agent with AutoLogon" "C:\agent\run.cmd" --startuptype autostartup

The above produced non-admin Command Prompt through which the DevOps doesn't have admin/elevated privileges.

You can use Start-Process PowerShell command to start the above with -Verb RunAs to gain elevated privileges:

powershell -Command "Start-Process powershell -ArgumentList 'C:\windows\system32\cmd.exe /D /S /C start C:\agent\run.cmd --startuptype autostartup' -Verb RunAs"

However, this approach sacrifices title of the Command Prompt as I did not figure out how to properly escape double quotes that are needed for it.