39
14
How can I tell in my scripts if PowerShell is running with administrator privileges?
I need to know because I'm trying to run a program that requires the ability to open protected ports.
Boomerang
Posted 2014-05-03T08:44:18.253
Reputation: 551
46
[bool](([System.Security.Principal.WindowsIdentity]::GetCurrent()).groups -match "S-1-5-32-544")
Breaking apart what this does:
[bool] - Cast the end result to a bool.[System.Security.Principal.WindowsIdentity]::GetCurrent() - Retrieves the WindowsIdentity for the currently running user.(...).groups - Access the groups property of the identity to find out what user groups the identity is a member of.-match "S-1-5-32-544" checks to see if groups contains the Well Known SID of the Administrators group, the identity will only contain it if "run as administrator" was used.
RMazi
Posted 2014-05-03T08:44:18.253
Reputation: 592
BOOO. Give this man more upvotes – Kolob Canyon – 2017-10-24T18:58:25.860
4I prefer the answer by @Bill_Stewart below since it is free of magic strings. – 8DH – 2018-04-20T06:49:52.410
Instead of using -match and typecasting: [Security.Principal.WindowsIdentity]::GetCurrent().Groups -contains 'S-1-5-32-544' – TheIncorrigible1 – 2019-10-20T04:23:36.003
2Instead of just posting a line of code, can you please explain what it does? This helps future visitors in understanding and adapting it, if necessary. – slhck – 2014-05-03T15:53:41.813
63
([Security.Principal.WindowsPrincipal] `
[Security.Principal.WindowsIdentity]::GetCurrent() `
).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
This retrieves the current Windows identity and returns True if the current identity has the Administrator role (i.e., is running elevated).
Bill_Stewart
Posted 2014-05-03T08:44:18.253
Reputation: 862
13While the accepted answer is correct, this answer is much more clear, especially to someone who may read your script six months from now. – Patrick Seymour – 2014-05-20T19:52:10.423
49
In Powershell 4.0 you can use requires at the top of your script:
#Requires -RunAsAdministrator
Outputs:
The script 'MyScript.ps1' cannot be run because it contains a "#requires" statement for running as Administrator. The current Windows PowerShell session is not running as Administrator. Start Windows PowerShell by using the Run as Administrator option, and then try running the script again.
eddiegroves
Posted 2014-05-03T08:44:18.253
Reputation: 1 153
what if you want a function that exits if not ran by admin? – Kolob Canyon – 2017-10-24T18:58:56.067
1@KolobCanyon - There's no such thing as running only a PowerShell function elevated; the entire PowerShell process is either elevated or not. – Bill_Stewart – 2017-11-05T23:27:47.080
@Bill_Stewart yes, but you can return if the user is not admin :) – Kolob Canyon – 2017-11-06T21:39:21.373
1@KolobCanyon - you can only elevate the PowerShell process; you cannot elevate a single function. That's why the #Requires -RunAsAdministrator is useful: It prevents the entire script from running if you're not elevated. – Bill_Stewart – 2017-11-06T21:45:31.630
@Bill_Stewart Yeah, I'll have to use that at some point. – Kolob Canyon – 2017-11-06T21:52:35.623
1
You mat consider to elevate permissions as described in Gaining administrator privileges in PowerShell answer
– MiFreidgeim SO-stop being evil – 2016-02-11T04:00:33.637