Since the introduction of User Account Control (UAC), scripts do not run with administrator privileges despite being a local administrator. You must elevate your script to run with administrator privileges. I’ll start by showing you a simple example. The script below will list all of the processes on the local computer as well as the WIN32_Process CommandLine property. If you run the script on a computer with UAC without elevating it, you will only see CommandLine values for processes created by your account; if any other processes were created by another account, the CommandLine property will be NULL.
strComputer = "." Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2") Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_Process",,48) For Each objItem in colItems Wscript.Echo "Process: " & objItem.Name & vbCrLf & _ "Startup: " & objItem.CommandLine Next
On a test machine, I was logged on as User1, opened notepad, and launched a vbscript as the local administrator account using RunAs. I ran the script above and compared the results to task manager with the following results:
As you can see, the script successfully showed the CommandLine property for the currently logged on user
However, the test script failed to show the CommandLine property for the wscript.exe process running as administrator:
By re-running the test script with elevated privileges, the script now successfully shows the CommandLine property for the wscript process running as Administrator.
Now that I have successfully demonstrated the need to run a script elevated on a local machine, you might be wondering what happens when you the test script on a remote machine. If you run the script on a remote machine that you have administrator rights on, it will successfully display the CommandLine property for all users. Now, you might be confused as to why it works remotely? The answer is quite simple, the script is elevated by RPC. Now that you have a good understanding of running vbscripts with UAC elevation, here are some methods on how to elevate them.
Method 1 – Elevating Using the Command Prompt
- Click Start, All Programs, Click Accessories
- Right-click Command Prompt and click Run as administrator
- Click Yes
- Any script you launch using wscript.exe or cscript.exe will launch elevated
Method 2 – RunAs Script
This method uses a wrapper script to run an elevated VBScript using the runas verb with the ShellExecute method of Shell.Application. When it launches the elevated script, click Yes
Method 3 – Add ‘Run as administrator’ to the .vbs File Context Menu
The ‘Run as administrator’ option on a File Context Menu is only available on certain file types by default, and .vbs files are not one of them. However, by doing a quick registry modification we can enable the ‘Run as administrator’ option o the file context menu. Download and run the following registry to merge it into your registry, or you can copy the below text and save it to a .reg file:
Add Run as administrator to VBS File Context Menu
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\runas] "HasLUAShield"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\runas\Command] @=hex(2):22,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\ 00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,57,00,\ 53,00,63,00,72,00,69,00,70,00,74,00,2e,00,65,00,78,00,65,00,22,00,20,00,22,\ 00,25,00,31,00,22,00,20,00,25,00,2a,00,00,00