Bypassing the need to enter Admin Credentials when running a Batch/Powershell script

administrator batch-file powershell uac elevated-privileges

I need to develop a script for my client that will disable/enable the WWAN card on his laptop.

  • Client should be able to enable/disable the WWAN card without giving the client administrator credentials or an account
  • Should be user friendly. Like just double clicking the enable or disable shortcut on desktop to toggle on/off.
  • Avoid any method that may compromise security like disabling the need for Elevated credential prompts for all applications. (Only want to bypass for this script)

I have the command to disable/enable WiFi adapter. However, it requires that powershell be run as Administrator otherwise access will be denied.

Disable-NetAdapter -Name "Wi-Fi" -Confirm:$false

I have tried the following to no success. (Either Access Denied or the UAC Pops up and prompts for Admin Credentials):

  • Creating a .Bat file that runs the PS script with ExecutionPolicy -Bypass
powershell.exe -executionpolicy bypass -windowstyle hidden -noninteractive -nologo -file "c:\Users\%username%\Desktop\DisableWifi.ps1"
  • Creating a shortcut of the PS Script with "Run As Admin" Enabled
  • Creating a shortcut with Run As Admin of a .Bat file that enables/disables the Network Adapter. 
netsh interface set interface Wi-Fi disable
  • ExecutionPolicy Bypass inside the PS Script
Start-Process powershell.exe -ArgumentList "/noexit", "-executionpolicy bypass","-file C:\Users\$env:UserName\Desktop\DisableWiFi.ps1"

Is there anyway to allow my client to be able to toggle on/off the WWAN card through a script on the desktop without them needing to enter admin credentials?

Thanks!


It can be done.

  • The user must be running as an adminstrator.

Imagine we're back in the Windows XP days. If the user is running as a standard user, they simply cannot perform administrator functions. You can cry and complain as much as you want - but a standard user cannot gain administrator privileges just because they want them.

That has not changed: you have to be an administrator to administrate.

If the user is a standard user: you simply cannot bypass that.

  • So how do make it so the user doesn't need to get an administrator to enter their administrator credentials?
  • make them an administrator!

Which is easy enough to do:

  • don't make them a standard user
  • make them an administrator

But we all know you're complaining about UAC

We all know you're talking about being having to click OK on a UAC dialog. And as much as users hate it: tell them to get an enema and do some deep knee-bends.

Alternatively: you have to turn off UAC - so they run as Administrator all the time.

Thus making any malware able to completely take over their machine the instant it can run.

Related

Why in order to use default constructor in Derived Class, we need a default constructor in the Base Class
Add dropdown list to every column in a DT table where the values from the dropdown lists are fetched from another dataframe
I am having PLS-00103: Encountered the symbol
Azure Stream ANalytics - Find Most Recent `n` Events Within Time Interval
Help finding the roots of a complex function $f(z)=e^{\cos(z)}-1$ where $z \in \mathbb C$
Do planes in multi-dimensional spaces rarely interact?
Bijective function from $\Bbb Z^+$ to $\Bbb Z\backslash \{-1,0,1\}$
Evaluating $\sum_{cyc} \frac{a^4}{(a-b)(a-c)}$, where $a=-\sqrt3+\sqrt5+\sqrt7$ , $b=\sqrt3-\sqrt5+\sqrt7$, $c=\sqrt3+\sqrt5-\sqrt7$
Compute the derivative of $f (x) := Ax$ w.r.t. matrix $A$ [closed]
Decimal representation of a multiple entirely consists of odd digits [duplicate]
Are the notations $C[0,1]$ and $C([0,1])$ the same?
Find the fundamental group of a topological space X obtained from S3 by removing a figure 8