48

In windows 7, I'd like to schedule a program to be run with administrative privileges, without having the user need to respond to a prompt (which requests elevated privileges) every time the scheduled task is run. Is there any way to accomplish this goal without disabling UAC prompts for all applications?

Might not be relevant, but I'm trying to get this program to run at startup.

notAlex
  • 587
  • 1
  • 4
  • 6
  • 3
    What prompt are they getting now? a task can be scheduled with admin privaleges at the bottom of the first tab, check "Run with highest privaleges" – Wutnaut Jun 18 '14 at 14:38
  • As for running at startup: on the "triggers" tab choose new, then change the "on a schedule" drop-down to "on startup" – Wutnaut Jun 18 '14 at 14:39
  • The prompt is for an elevation of privileges to administrator privileges, I'll clarify in the question. – notAlex Jun 18 '14 at 17:39
  • Sounds like UAC, you'll have to disable it if you don't want your users prompted. – Wutnaut Jun 18 '14 at 17:46
  • That would work, but its desirable in my case for UAC to still prompt on other non-scheduled applications. I'll clarify again. – notAlex Jun 18 '14 at 18:29

4 Answers4

74

  1. Open Task Scheduler

  2. Create a new task

  3. In the "General" tab - ensure the following settings are entered:

    • "Run whether user is logged on or not"

    • "Run with highest privileges"

    • "Configure For" (your operating system)

  4. In the "Triggers" tab, when adding a trigger (schedule) - ensure that the "Enabled" checkbox is checked

The other tabs need to be looked at as well (actions etc) - but these are the options you should specify when trying to ensure a task runs regardless of which user is logged in, and without the UAC prompts.

When saving the task, you will be prompted to enter a username and password - this username and password is the user that will be used to execute the task. If you are running the task with "highest privileges" you will need to make sure this is an admin account.

DavidPostill
  • 153,128
  • 77
  • 353
  • 394
Fazer87
  • 12,520
  • 1
  • 36
  • 48
  • 5
    The problem is that if you use the `Run whether user is logged on or not` option, the program will not have a GUI (or tray icon). You have to disable that option for it to have a GUI, but then it can only run when the user logs in, which means it cannot run as admin. It’s a frustrating and common catch-22 that Microsoft missed and still seems to ignore. – Synetech May 10 '17 at 23:57
  • @Synetech If the user is there to use a GUI, the user is there to use the UAC prompt. – Damian Yerrick Jun 08 '17 at 14:27
  • Worked for me. But I don't understand why it was necessary to create a new task for this to start working. – boot13 May 11 '18 at 13:04
  • This works. But later I figured that if you happen to "Sleep" your computer, the opened app silently gets closed when waken up. Well at least that happened to Visual Studio. – Ε Г И І И О May 25 '18 at 14:42
  • But what is the admin password? – Moss May 04 '19 at 23:38
  • The admin password is whatever you set it to. If you don't know, you'll need to reset it. – Fazer87 May 07 '19 at 12:12
  • To get the application to run as if user accepted the UAC prompt (with GUI and everything): 1) In General tab instead choose "Run only when user is logged on" 2) For "At log on" trigger set "Delay task for" to something large enough, 30 seconds worked for me. – CrouZ Feb 22 '20 at 21:47
  • For "highest privileges" on Win10 Pro 2004 - I definitely needed to log into Windows under the admin account. It wasn't until being logged in as admin that I could save the task with the "highest privileges" checkbox checked. – DAG Aug 30 '21 at 08:31
4

I am reading that the task needs to be scheduled to run under the NT AUTHORITY\SYSTEM account, in order to execute the job as an Administrator. "Highest privileges" hasn't produced the same effect for us. Note that in the SYSTEM-run job case, the GUI option is grayed out, so there will be no prompt.

access_granted
  • 151
  • 3
  • Indeed. I'm unclear on the nuances between `LOCAL SERVICE`, `NETWORK SERVICE`, and `SYSTEM`, but `SYSTEM` was the only one that could actually perform automated maintenance such as starting and stopping services rather than just querying them. – BaseZen Aug 01 '23 at 23:46
2

You can provide administrator login. It will work:

enter image description here

Donald Duck
  • 2,473
  • 10
  • 29
  • 45
Santosh Aundhekar
  • 21
  • 1
0

It's weird that the Task Scheduler answer doesn't work for me. Combining with the need to frequently choose which app to autostart and which not, I come up with a PowerShell script to solve this:

# On UAC-enabled systems, to make sure a script is running with full admin privileges, add this code at the beginning of your script:

param([switch]$Elevated)

function Test-Admin {
    $currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
    $currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
}

if ((Test-Admin) -eq $false)  {
    if ($elevated) {
       # tried to elevate, did not work, aborting
    } else {
        Start-Process pwsh -Verb RunAs -ArgumentList ('-noprofile -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))
    }
}

'Running with full privileges'

& "path\to\file"
& "C:\Program Files\Example.exe"
exit

It just gives me more flexible. I place a shortcut of this script into the startup folder, with the target: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -windowstyle hidden path\to\script.ps1

Ooker
  • 1,919
  • 2
  • 22
  • 46