How to run a command as administrator on Windows7 from a command line?
I need to run tscon.exe 0 /dest:console
remotely = not manually on Windows7 as an administrator. More info here How to use tscon on Windows7?
I did my research and
- OPTION 1 - runas
for user root (no password) on computer yogurt works
C:\>runas /user:yogurt\root cmd
Enter the password for yogurt\root:
Attempting to start cmd as user "yogurt\root" ...
for user administrator (I thought the the password is blank too) on computer yogurt doesn't work. I am asked for password, hit the enter and
C:\>runas /user:yogurt\administrator cmd
Enter the password for yogurt\administrator:
Attempting to start cmd as user "yogurt\administrator" ...
RUNAS ERROR: Unable to run - cmd
1327: Logon failure: user account restriction. Possible reasons are blank passwo
rds not allowed, logon hour restrictions, or a policy restriction has been enforced.
- OPTION 2 - setting properties of a batch file so it always runs as administrator. The 'privilege level' section is greyed out for me under Compatibility level. So I am not able to tick the check box
Run this program as an administrator
Solution 1:
You may find that the local Administrator account is in fact disabled. Take a look in the Local Users and Groups in Computer Management.
Regardless of that, I wouldn't recommend enabling the account, especially if it really does have a blank password.
Running a program 'as Administrator' (as in on the right-click menu) and doing a RunAs
Administrator are not the same thing:
Running a program 'as Administrator' means that the program still runs under the context of your user account (i.e. the person invoking the program) but using a modified access token that includes membership of the
Administrators
group. A process started in this way would show as being owned by you in Task Manager.Using
RunAs
with the Administrator account really does try to invoke the program under the Administrator account. A process started in this way would show as being owned byAdministrator
in the Task Manager.
EDIT: Although the above is relevant, I think the real problem might be to do with something called Session 0 Isolation which started with Windows Vista/Server 2008.
Solution 2:
Sysinternals PSExec could do it?
psexec /s "CMD.EXE" \\computer01 -u "domain\user" -P "password"
After the -u, instead of Domain\User
you can try Computer01\LocalAdministrativeUser
But really it depends on the local configuration of the remote machine. If you don't already have local administrator accounts on there then you are going to have to create those first.
This will launch a new CMD.EXE running as "nt authority\system"
on the remote machine, which is as close to session 0 as you can get these days. Anything you now run in that window is running on the remote machine. Try running IPCONFIG and or HOSTNAME if you are unsure.
Careful. Running at this level allows you to really really break stuff.