While I am an enthusiastic user of TCC-LE
, there is a solution which does not need any new programs:-
- Start
cmd
as administrator.
- This should start you in
%SystemRoot%\system32\
- if not, cd
there.
copy cmd.exe cmdadmin.exe
(or any name you choose, such as su.exe
).
- Now run Explorer and find
cmdadmin.exe
.
- Right-click and select Properties.
- In the Compatibility tab select run as admin (or set it for all users).
Now cmdadmin
is your su
or sudo
: you can start it without parameters to give you a shell with administrative privileges, or you can run it with /c
to execute a single command in this mode. Depending on your policies, you may or may not be prompted for confirmation.
Note that this will always open a new window (as does the TCC solution start /elevated ...
): for a GUI application this is expected, but for a command-line program, you may want to use /k
instead of /c
, to give you a chance to see the output; or you could run via a batch file (sudo.cmd
perhaps?) which concatenates & pause
to the end of your run string.
In either case it's not quite the same as su
or sudo
, but it's the closest you'll get. By setting the windows layout manually, the new window can be created directly below and abutting the original.
32note that su/sudo -s actually also starts a new shell process. It's just the elevated processes are connected to the same terminal, so they appear as if it's elevated in-place. – Lie Ryan – 2017-04-17T11:17:21.057
1"it should not spawn a new window or display UAC prompts" Are you just saying it should not require graphical interaction? Or do you not want to be prompted at all? For example,
sudo
will prompt for a password sometimes, but it does so with a text interface. I'm kind of wondering how Nano servers (which I don't believe even offer a GUI for Remote Desktop by default) handle it. – jpmc26 – 2017-04-17T20:28:53.8903@jpmc26 Interaction on the text interface is okay. – user2064000 – 2017-04-17T20:30:17.227
@jpmc26 I wonder if the Nano server even has UAC. Given that it's optimized for containers, it doesn't sound very useful. It was disabled in Server Core versions as well, IIRC. If you enabled it accidentally, you got a whole stack of troubles :) – Luaan – 2017-04-18T08:00:33.217
2@user2064000 The UAC prompt is (at least by default for non-Windows binaries) launched on the Secure Desktop, not on the user's current desktop. Aside from being slightly annoying, this is designed to prevent other processes interfering with the UAC prompt. Also, if authentication is required, that will have to be on the Secure Desktop, and some admins may also require a Ctrl-Alt-Del sequence to prove that Windows is taking the password and not some other process impersonating a password prompt. So typing a password in the cmd window probably wouldn't fly from a Microsoft security perspective. – Calchas – 2017-04-18T15:57:57.683
Semi-related: https://superuser.com/questions/667607/check-if-current-command-prompt-was-launched-as-the-administrator
– Canadian Luke – 2017-04-18T17:22:11.690Duplicate of https://superuser.com/questions/398813/windows-7-how-can-i-elevate-a-running-cmd-window/398823 and https://superuser.com/questions/129034/elevate-a-running-program-to-administrator-windows-7 Possibly relevant: http://stackoverflow.com/a/12264592/259953
– Der Hochstapler – 2017-04-18T19:12:08.9571
You can use the
– Hybris95 – 2017-04-19T15:06:17.743runas
command. Run an application as administrator from prompt