39
14
How can I tell in my scripts if PowerShell is running with administrator privileges?
I need to know because I'm trying to run a program that requires the ability to open protected ports.
39
14
How can I tell in my scripts if PowerShell is running with administrator privileges?
I need to know because I'm trying to run a program that requires the ability to open protected ports.
46
[bool](([System.Security.Principal.WindowsIdentity]::GetCurrent()).groups -match "S-1-5-32-544")
Breaking apart what this does:
[bool]
- Cast the end result to a bool
.[System.Security.Principal.WindowsIdentity]::GetCurrent()
- Retrieves the WindowsIdentity
for the currently running user.(...).groups
- Access the groups
property of the identity to find out what user groups the identity is a member of.-match "S-1-5-32-544"
checks to see if groups
contains the Well Known SID of the Administrators group, the identity will only contain it if "run as administrator" was used.BOOO. Give this man more upvotes – Kolob Canyon – 2017-10-24T18:58:25.860
4I prefer the answer by @Bill_Stewart below since it is free of magic strings. – 8DH – 2018-04-20T06:49:52.410
Instead of using -match
and typecasting: [Security.Principal.WindowsIdentity]::GetCurrent().Groups -contains 'S-1-5-32-544'
– TheIncorrigible1 – 2019-10-20T04:23:36.003
2Instead of just posting a line of code, can you please explain what it does? This helps future visitors in understanding and adapting it, if necessary. – slhck – 2014-05-03T15:53:41.813
63
([Security.Principal.WindowsPrincipal] `
[Security.Principal.WindowsIdentity]::GetCurrent() `
).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
This retrieves the current Windows identity and returns True if the current identity has the Administrator role (i.e., is running elevated).
13While the accepted answer is correct, this answer is much more clear, especially to someone who may read your script six months from now. – Patrick Seymour – 2014-05-20T19:52:10.423
49
In Powershell 4.0 you can use requires at the top of your script:
#Requires -RunAsAdministrator
Outputs:
The script 'MyScript.ps1' cannot be run because it contains a "#requires" statement for running as Administrator. The current Windows PowerShell session is not running as Administrator. Start Windows PowerShell by using the Run as Administrator option, and then try running the script again.
what if you want a function that exits if not ran by admin? – Kolob Canyon – 2017-10-24T18:58:56.067
1@KolobCanyon - There's no such thing as running only a PowerShell function elevated; the entire PowerShell process is either elevated or not. – Bill_Stewart – 2017-11-05T23:27:47.080
@Bill_Stewart yes, but you can return
if the user is not admin :) – Kolob Canyon – 2017-11-06T21:39:21.373
1@KolobCanyon - you can only elevate the PowerShell process; you cannot elevate a single function. That's why the #Requires -RunAsAdministrator
is useful: It prevents the entire script from running if you're not elevated. – Bill_Stewart – 2017-11-06T21:45:31.630
@Bill_Stewart Yeah, I'll have to use that at some point. – Kolob Canyon – 2017-11-06T21:52:35.623
1
You mat consider to elevate permissions as described in Gaining administrator privileges in PowerShell answer
– MiFreidgeim SO-stop being evil – 2016-02-11T04:00:33.637