7

I am logging into a Windows Server 2016 box on GCP via SSH. That leaves me logged into a powershell session, but I need to have Admin privileges to successfully run some commands. I do not have another Admin account, so I basically need to elevate the current session somehow, start a new shell as admin, or find a way of running commands as myself elevated to admin status.

I know about the runas command, but I can only see ways of running as other users, not myself elevated into the admin role. I basically want sudo for Windows :)

Bear in mind that I cannot solve this issue using something that requires a normal UAC prompt, as that prompt needs to be handled using a mouse/keyboard in a graphical environment (typically RDP).

oligofren
  • 1
    Does this answer your question? [Is there any 'sudo' command for Windows?](https://superuser.com/questions/42537/is-there-any-sudo-command-for-windows) – harrymc Mar 30 '20 at 08:57
  • No. They all rely on the UAC prompt, whereas I am logged in via SSH, meaning such a prompt is unavailable. `runas` is not applicable and the `elevate` 3rd-party command does not seem to work. The answer here might be that this is not possible due to a limitation in how UAC works, but I have not gotten such a response. – oligofren Mar 30 '20 at 12:15
  • What happens if you run `Start-Process powershell -Verb runas` from a powershell session? Or `powershell -NoProfile -Command "& {Start-Process -FilePath powershell -Verb runas}"` out of it? – JosefZ Mar 30 '20 at 21:35
  • Did you find any solutions? I'm having same problem for OpenSSH on my Azure Windows server. – wonsuc Jan 18 '23 at 02:54
  • @wonsuc AFAIK, it turned out I did not need it for some reason. I believe that the account I logged in as had Administrative rights and that it worked out of the box, but that I had not understood it at the point of posting this. This is almost 3 years ago, so memory is fading ... But I _do_ know that I have been executing lots of commands via SSH requiring admin rights, so something must have been right :) – oligofren Jan 18 '23 at 06:40
  • 1
    @oligofren Thanks for your feedback on an old article. In my case, I could solve it by generating an ssh key for Windows local user account and adding the public key of it in `.ssh/authorized_keys`, and giving permission to this file correctly then everything suddenly worked fine. Before this, I was using an id and password connection. – wonsuc Jan 19 '23 at 00:56

1 Answer

2

Running an elevated command without a UAC prompt will require using the Task Scheduler. As far as I know, all other solutions will require a UAC prompt to work.

The idea is to create a scheduled task with a trigger that is never activated, so it can only be run manually with the command:

```
schtasks /run /tn "task-name"
```

For more information see the article which today is still mostly true:
Windows 7: Elevated Program Shortcut without UAC Prompt - Create.

Note that you should specify your user account for the task, which must have administrator privileges, and also specify "Run with highest privileges" to run the task using an elevated privileges token rather than the default least privileges (UAC) token.

The task can execute one command. This can be a batch script into which you will place (perhaps dynamically) the command to run. Note that this will be a huge security hole if anyone else discovers this task.

harrymc
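The setup this answer describes, written out in PowerShell as an added example that is not part of the original answer. The task name, the directory, the `whoami /groups` placeholder command and the S4U logon type are assumptions; the directory ACL is there because anyone who can edit the script the task runs gets the elevated token, which is the risk the answer warns about.

```powershell
# Added example. Task name, paths and the placeholder command are hypothetical.
# PART 1: run ONCE from an already elevated session (registering a task with
# "Run with highest privileges" itself requires elevation).
$taskName = 'ElevatedMaintenance'                 # hypothetical
$dir      = 'C:\ProgramData\ElevatedTask'         # hypothetical
$script   = Join-Path $dir 'run.ps1'
$log      = Join-Path $dir 'last-run.log'
$user     = "$env:USERDOMAIN\$env:USERNAME"       # your own admin account

New-Item -ItemType Directory -Path $dir -Force | Out-Null

# Lock the directory down BEFORE writing the script: drop inherited ACEs, give
# full control only to Administrators (S-1-5-32-544) and SYSTEM (S-1-5-18),
# and read/execute to the task user so a non-elevated session can read the log.
icacls $dir /inheritance:r /grant:r `
    '*S-1-5-32-544:(OI)(CI)F' '*S-1-5-18:(OI)(CI)F' "${user}:(OI)(CI)RX" | Out-Null

# Fixed payload. A fixed script is safer than one rewritten per call, because
# a writable script is an elevation path for any process running as you.
Set-Content -Path $script -Encoding UTF8 -Value @"
whoami /groups *> '$log'
"@

# No trigger is passed, so the task only ever runs on demand.
# S4U (assumption): runs without an interactive desktop logon and stores no
# password; the task then has no access to network resources.
$action    = New-ScheduledTaskAction -Execute 'powershell.exe' `
                 -Argument "-NoProfile -NonInteractive -File `"$script`""
$principal = New-ScheduledTaskPrincipal -UserId $user -LogonType S4U -RunLevel Highest
Register-ScheduledTask -TaskName $taskName -Action $action -Principal $principal | Out-Null

# Check what was registered: expect RunLevel = Highest and no triggers.
$task = Get-ScheduledTask -TaskName $taskName
'{0}: RunLevel={1}, Triggers={2}' -f $task.TaskName, $task.Principal.RunLevel, @($task.Triggers).Count

# PART 2: later, from the SSH session.
schtasks /run /tn $taskName
Start-Sleep -Seconds 3        # the task runs asynchronously; output goes to the log
Get-Content $log              # an elevated run lists "High Mandatory Level"
```

The task's output never reaches the SSH console, which is why the script redirects to a log file that is read back afterwards.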