To run a script 'As Admin' (with elevated permissions) using VBscript can be done by simply running ShellExecute and setting the runas flag. This can be used to run an executable, or to run an entire script (batch file or VBScript) with elevated permissions.
Below is a Batch file that will check if it is running elevated, and if not will prompt for elevation by creating and executing a two line VBScript (~ElevateMe.vbs) the VBScript is created on the fly with a couple of Echo statements:
@Echo Off Setlocal :: First check if we are running As Admin/Elevated FSUTIL dirty query >nul if %errorlevel% EQU 0 goto START ::Create and run a temporary VBScript to elevate this batch file Set _batchFile=%~f0 Set _Args=%* :: double up any quotes Set _batchFile=""%_batchFile:"=%"" Set _Args=%_Args:"=""% Echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\~ElevateMe.vbs" Echo UAC.ShellExecute "cmd", "/c ""%_batchFile% %_Args%""", "", "runas", 1 >> "%temp%\~ElevateMe.vbs" cscript "%temp%\~ElevateMe.vbs" Exit /B :START :: set the current directory to the batch file location cd /d %~dp0 :: Place the code which requires Admin/elevation below Echo We are now running as admin [%1] [%2] pause
Testing if the current session is elevated can be done with the FSUTIL command (via StackOverflow).
FSUTIL dirty query >nul If %errorLevel% NEQ 0 ( Echo Failure, please rerun this script from an elevated command prompt. Exiting... Ping 127.0.0.1 3>&1 > nul Exit /B 1 ) Echo Success: this script is running elevated.
When a script is run with elevated permissions several aspects of the user environment will change: The current directory, the current TEMP folder and any mapped drives will be disconnected.
“It is impossible to genuinely elevate yourself by pushing another person lower” - Guy Finley
.ShellExecute - Run a script/application in the Windows Shell (elevated)
PowerShell: Run with Elevated Permissions
elevate - Command-Line UAC Elevation Utility