Every now and then you need to run an elevated command from the command line. If the application always requires elevation (i.e. the binary has been marked as requireAdministrator), the UAC prompt shows up — but in the case the application supports both non-elevated and elevated usage and you explicitly want it to run elevated, there is little support for you.
I would have expected start.com to have been augmented by something like a /elevate-switch, but unfortunately, this is not the case and you are left with having to open a new elevated command prompt to continue.
Fortunately, a tool to fill in this gap is straightforward and indeed J. Robbins has already created one. However, the tool is written in C# — it might be old-fashioned, but I still prefer those little tools to be unmanaged and free of the .Net-overhead. I thus created elevate.exe, which provides the same features as John’s tool but is written in C. In fact, it accepts exactly the same command line parameters, which are:
Execute a process on the command line with elevated rights on Vista
Usage: Elevate [-?|-wait|-k] prog [args]
-? - Shows this help
-wait - Waits until prog terminates
-k - Starts the the %COMSPEC% environment variable value and
executes prog in it (CMD.EXE, 4NT.EXE, etc.)
prog - The program to execute
args - Optional command line arguments to prog
Examples:
elevate ipconfig -registerdns elevate -wait procexp elevate -k dir
Having this tool at hand, it is now easy to also extend the shell context menu for directories by an ‘Open Elevated Console here’ entry by adding the following registry entries:
[HKEY_CLASSES_ROOT\Directory\shell\Open Elevated Console here]
@="Open Ele&vated Console here"
[HKEY_CLASSES_ROOT\Directory\shell\
Open Elevated Console here\command]
@="c:\\path\\to\\elevate.exe
/K \"title %1 && color 1a && cd /D %1\""
Download source code, x86 and x64 binary.
Update: You may use the source code under the terms of the MIT License.
LinkedIn Profile
Xing Profile
Follow me on Twitter (new)
very interesting, but I don’t agree with you
Idetrorce
Any chance to combine this with RunAs?
Here’s what I have in mind:
I have two accounts, one for normal office work, another one for domain admin work.
I log on to my workstation with the non-priviledged account and want be able to open admin tools with the other account.
But these tools (AD Users and Computers etc.) require elevation.
Up to now I found no way to combine Elevate and RunAs so that I have to provide credentials only one time.
What does the command you are using look like? Assuming that the domain account you are using for admin work uses UAC in admin approval mode, I’d expect runas /u:domain\account “elevate xyz.msc” to work fine…
I tried
runas /u:domain\account “elevate dsa.msc”
or
runas /u:domain\account “elevate /k \”title something\”"
but I always have to enter the credentials two times:
first for the runas (ok, only the password), then another time for the elevate cmd.
Somehow I expected after doing the runas it should be clear that elevate runs under the other account. Then Vista should only ask for approval.
Is it really the same account that you are using for both, runas and the UAC OTS dialog?
If you perform a regular logon (i.e. no runas but logoff and logon again) on your machine using your admin-domain account and then launch MMC — do you get a UAC consent dialog or an OTS prompt? If the latter is the case (i.e. you have to enter credentials), then the account probably has no local admin rights and the behavior regarding runas/elevate would make sense.
Thank you very much for such a useful utility. Thanks also for releasing the source code.
While this utility looks like exactly the thing I need, I cannot download it, because our firewall blocks the ZIP file because there seems to be a virus SPR/Tool.SIB in it. Can you re-check this and upload it again? (Or mail it to me so I can check it again). Thanks!
Oh well, never mind. I asked our sysadmin, and he got it for me and checked it. Seems like a false alert from our firewall.
Anyways, would it be okay to re-distribute the tool bundled with a hardware product?
Exactly what I need.
I love it’s a compact EXE written in C instead of vbs, cmd, .NET stuff.
Thank you!
This is great. Two questions: How is it licensed and is it possible to suppress the new command prompt when Elevate is used from within an existing command prompt?
Consider it licensed under the MIT license — feel free to change the source or to redistribute the binary.
Concerning your other question — this is the default behaviour of ShellExecute when the runas verb is used. I am not aware of any way to override this behavior.
great tool
I used it with runasspc from robotronic.de to call explorer.exe or cmd.exe under another user account with elevated rights
But since some time symantec detect
elevate.exe as Trojan.Gen
Awesome! Going to use it for starting Tomcat in that freaking program files folder. I had a solution involving VBS (which seems to work on most modern Windows OS) but this is a lot cleaner. Thanks!
It look like it have a problem with running scripts (these from %PATHEXT%). Like python ones. Otherwise it could be perfect windows gksudo replacement. Considering it is MIT licence I will try to implement that.
Brilliant tool!
I just have one question.. I’m trying to use this with Console2 to be able to open an elevated Powershell, but ‘elevate powershell’ pops up in a separate window instead appearing inside Console2 (as when I run simply ‘powershell’.
And to make this tool even more user friendly you can use this script which helps to dispatch the right executor:
@echo off if "%PROCESSOR_ARCHITECTURE%" == "x86" ( @start x86-elevate.exe %* ) else ( if "%PROCESSOR_ARCHITECTURE%" == "AMD64" ( @start x64-elevate.exe %* ) else ( echo Unsupported platform. @pause ) )ok, maybe this version is better for other usages:
@echo off if "%PROCESSOR_ARCHITECTURE%" == "x86" ( %~d0%~p0..\lib\x86\elevate.exe -wait -k "CD %CD% & %* > out & exit" & type out ) else ( if "%PROCESSOR_ARCHITECTURE%" == "AMD64" ( %~d0%~p0..\lib\x86_64\elevate.exe -wait -k "CD %CD% & %* > out & exit" & type out ) else ( echo Unsupported platform. @pause ) )It seems that the file can ‘t be downloaded anymore. Is there someone who can send it to me?
The download should work again, thanks for telling.
Hi, thank you for a usefull utility.
I am trying to add some CMD to start up to run at log in and restart the Explorer elevated (taskkill + elevate), but it doest works every time. Is there a way to elevate explorer at log in?
Thanks a lot for the tool; please note though that this application (by design) does not work on XP and earlier, which is really an unnecessary restriction. I had to change the code to just fallback to “open” instead of “runas” in XP. Works beautifully and we don’t have to abandon XP support.
Useful tool, thanks.
Awesome tool – thanks again for writing this in C.
I’m trying to launch assoc .vlan=”file type description” with your x64 elevate command, however, when I execute
elevate assoc .vlan=”file type description”, I get the following message,
assoc .vlan=”file type description” could not be launched!
Please tell me why this is happening please!
Hi Johannes,
Thank you for such a nice utility. I am using your program to launch jar files under admin access, something like:
<<>> it works fine, however there is one thing that i would like to know. Is there any possibility to know if the user rejected the UAC prompt. Like if users said no, the file will not execute, but is there something that is returned by Elevate.exe that can inform if access was approved or denied?
Ah sorry, i got it, it returns: cmd could not be launched: 1223
thank you this is perfect
I am trying to use this with certutil.exe (builtin windows command) to import certificates on the computer account.
But it seems to work but it dont add any certificates.
If I use the through windows elevated command line prompt, it works but not with the elevated command.
Tried both 32 and 64 bits.
What could be the issue?
This program is much nicer: http://code.kliu.org/misc/elevate/
Hi,
I like your tool, but I have questions:
* What is the ‘Elevate.pdb’ file?
* is it safe delete it?
* what happens if I execute the application in a previous version of Windows Vista?
Thanks!
@Jimi add your certutil command in a batch file, and load the batch file using this Elevate.exe, it will work
Thanks a lot for this small tool and especially the source code. It’s so much better than the bloated .net version or the vbs version for which you need to enable the potentially harmful interpreter.
if you would like to run it UNELEVATED, from ELEVATED process, you can use:
http://mdb-blog.blogspot.com/2013/01/nsis-lunch-program-as-user-from-uac.html
With several jackpots resting at around $1, 000, 000 you may punch this massive on almost any 2nd as well as even though
you tend not to strike the actual main jackpot, with all the current other capabilities along with ensures
you could potentially still wind up going for walks
absent prosperous. At the moment, these are providing a $5000 allowed reward offer to any or all brand new
gamers on the initial a pair of remains. A highly in depth Genie embraces that you
the website making it seem appealing, cozy, and helpful while using anticipation of developing ones wildest ambitions a real possibility.
Once you attack a good earn, this may show
to be an excellent feature before cashout!
Despite the fact that they will perform offer a handful of table
video game titles such as roulette, blackjack, and Baccarat, the primary focus is usually with slots.
Bush, with 2006, accredited the latest rules referred to as “Unlawful World-wide-web Games Enforcement Act”, greater called UIGEA, of which caused almost all of the Online
Casinos for you to stop this acceptance folks players to join his
or her web-sites.
Elevate.exe is pretty much useless when you only want to run commands as admin
…that’s when you could just copy cmd.exe from \system32\ folder and rename it to “cmda.exe” for “cmd” + “(a)dministrator” and set it to always run as Administrator!
[HKEY_CLASSES_ROOT\Directory\Background\shell\cmda]
@=”Open Elevated Console here”
“HasLUAShield”=”"
[HKEY_CLASSES_ROOT\Directory\Background\shell\cmda\Command]
@=”cmda.exe /s /k pushd \”%V\”"
Easy! Hurr durr
Hello there! Would you mind if I share your blog with my facebook group?
There’s a lot of folks that I think would really appreciate your content. Please let me know. Many thanks
I have read so many posts about the blogger lovers however this piece of writing is genuinely a
pleasant piece of writing, keep it up.