Batch script how to check for admin rights

Question

How do I check if the current batch script has admin rights   I know how to make it call itself with runas but not how to check for admin rights  The only solutions I ve seen are crude hack jobs or use external programs  Well  actually I don t care if it is a hack job as long as it works on Windows XP and newer

User · Answer

two more ways - fast and backward compatible .

fltmc >nul 2>&1 && (
  echo has admin permissions
) || (
  echo has NOT admin permissions
)

fltmc command is available on every windows system since XP so this should be pretty portable.

One more really fast solution tested on XP,8.1,7 - there's one specific variable =:: which is presented only if the console session has no admin privileges.As it is not so easy to create variable that contains = in it's name this is comparatively reliable way to check for admin permission (it does not call external executables so it performs well)

setlocal enableDelayedExpansion
set "dv==::"
if defined !dv! ( 
   echo has NOT admin permissions
) else (
   echo has admin permissions
)

If you want use this directly through command line ,but not from a batch file you can use:

set ^"|find "::"||echo has admin permissions

User · Answer

Literally dozens of answers in this and linked questions and elsewhere at SE  all of which are deficient in this way or another  have clearly shown that Windows doesn t provide a reliable built-in console utility  So  it s time to roll out your own   The following C code  based on Detect if program is running with full administrator rights  works in Win2k 1  anywhere and in all cases  UAC  domains  transitive groups     - because it does the same as the system itself when it checks permissions  It signals of the result both with a message  that can be silenced with a switch  and exit code   It only needs to be compiled once  then you can just copy the  exe everywhere - it only depends on kernel32 dll and advapi32 dll  I ve uploaded a copy    chkadmin c    include  lt malloc h gt   include  lt stdio h gt   include  lt windows h gt   pragma comment  lib  Advapi32 lib    int main int argc  char   argv        BOOL quiet   FALSE      DWORD cbSid   SECURITY MAX SID SIZE      PSID pSid    alloca cbSid       BOOL isAdmin       if  argc  gt  1            if   strcmp argv 1    q    quiet TRUE          else if   strcmp argv 1          fprintf stderr  Usage   s   q  n  argv 0   return 0              if   CreateWellKnownSid WinBuiltinAdministratorsSid NULL pSid  amp cbSid             fprintf stderr  CreateWellKnownSid  error  d n  GetLastError    exit -1         if   CheckTokenMembership NULL pSid  amp isAdmin             fprintf stderr  CheckTokenMembership  error  d n  GetLastError    exit -1         if   quiet  puts isAdmin    Admin     Non-admin        return  isAdmin        1MSDN claims the APIs are XP  but this is false  CheckTokenMembership is 2k  and the other one is even older  The last link also contains a much more complicated way that would work even in NT

User · Answer

Note  Checking with cacls for  system32 config system will ALWAYS fail in WOW64   for example from  systemroot  syswow64 cmd exe   32 bit Total Commander  so scripts that run in 32bit shell in 64bit system will loop forever    Better would be checking for rights on Prefetch directory    gt nul 2 gt  amp 1   SYSTEMROOT  system32 cacls exe    SYSTEMROOT  Prefetch     Win XP to 7 tested  however it fails in WinPE as in windows 7 install wim there is no such dir nor cacls exe  Also in winPE AND wow64 fails check with openfiles exe    OPENFILES  gt  nul   In Windows 7 it will errorlevel with  1  with info that  Target system needs to be 32bit operating system   Both check will probably also fail in recovery console   What works in Windows XP - 8 32 64 bit  in WOW64 and in WinPE are  dir creation tests  IF admin didn t carpet bombed Windows directory with permissions for everyone     and  net session   and  reg add HKLM  F   checks   Also one more note in some windows XP  and other versions probably too  depending on admin s tinkering  depending on registry entries directly calling bat cmd from  vbs script will fail with info that bat cmd files are not associated with anything     echo Set UAC   CreateObject   Shell Application     gt    temp  getadmin vbs  echo UAC ShellExecute    s0            runas   1  gt  gt    temp  getadmin vbs  cscript   temp  getadmin vbs    nologo   Calling cmd exe with parameter of bat cmd file on the other hand works OK   echo Set UAC   CreateObject   Shell Application     gt    temp  getadmin vbs  echo UAC ShellExecute  cmd exe     C   s0        runas   1  gt  gt    temp  getadmin vbs  cscript   temp  getadmin vbs    nologo

User · Answer

Alternative  Use an external utility that is designed for this purpose  e g   IsAdmin exe  unrestricted freeware    Exit codes   0 - Current user not member of Administrators group  1 - Current user member of Administrators and running elevated  2 - Current user member of Administrators  but not running elevated

User · Answer

Anders solution worked for me but I wasn t sure how to invert it to get the opposite  when you weren t an admin    Here s my solution   It has two cases an IF and ELSE case  and some ascii art to ensure people actually read it       Minimal Version  Rushyo posted this solution here  How to detect if CMD is running as Administrator has elevated privileges   NET SESSION  gt nul 2 gt  amp 1 IF  ERRORLEVEL  EQU 0       ECHO Administrator PRIVILEGES Detected     ELSE       ECHO NOT AN ADMIN      Version which adds an Error Messages  Pauses  and Exits   rem ----  This code block detects if the script is being running with admin PRIVILEGES If it isn t it pauses and then quits ------- echo OFF NET SESSION  gt nul 2 gt  amp 1 IF  ERRORLEVEL  EQU 0       ECHO Administrator PRIVILEGES Detected     ELSE      echo                                                      echo                                                      echo                                                      echo                                                      echo                                                      echo                                                      echo                                                      echo     echo     echo         ERROR  ADMINISTRATOR PRIVILEGES REQUIRED              echo This script must be run as administrator to work properly       echo If you re seeing this after clicking on a start menu icon  then right click on the shortcut and select  Run As Administrator      echo                                                               echo     PAUSE    EXIT  B 1    echo ON   Works on WinXP --  Win8  including 32 64 bit versions    EDIT  8 28 2012 Updated to support Windows 8    BenHooper pointed this out in his answer below   Please upvote his answer

User · Answer

Here is another one to add to the list  -    attempt a file creation in system location   CD  gt   SystemRoot  System32 Drivers etc    MODE CON COLS 80 LINES 25  IF EXIST   SystemRoot  System32 Drivers etc         DEL   SystemRoot  System32 Drivers etc       ECHO Has Admin privileges    ELSE      ECHO No Admin privileges      The MODE CON reinitializes the screen and surpresses any text errors when not having the permission to write to the system location

User · Answer

A collection of the four seemingly most compatible methods from this page  The first one s really quite genius  Tested from XP up  Confusing though that there is no standard command available to check for admin rights  I guess they re simply focusing on PowerShell now  which is really useless for most of my own work   I called the batch  exit-if-not-admin cmd  which can be called from other batches to make sure they don t continue execution if the required admin rights are not given   rem Sun May 03  2020  rem Methods for XP  used herein based on  rem https   stackoverflow com questions 4051883 batch-script-how-to-check-for-admin-rights goto method1   method1 setlocal enabledelayedexpansion set  dv      if defined  dv  goto notadmin goto admin   method2 call fsutil dirty query  SystemDrive   gt nul if  ERRORLEVEL   0 goto admin goto notadmin   method3 net session  gt nul 2 gt  amp 1 if  ERRORLEVEL   0 goto admin goto notadmin   method4 fltmc  gt nul 2 gt  amp 1  amp  amp  goto admin goto notadmin   admin echo Administrator rights detected goto end   notadmin echo ERROR  This batch must be run with Administrator privileges pause exit  b goto end   end

User · Answer

Issues  blak3r   Rushyo s solution works fine for everything except Windows 8  Running AT on Windows 8 results in   The AT command has been deprecated  Please use schtasks exe instead   The request is not supported     see screenshot  1  and will return  errorLevel  1    nbsp   Research  So  I went searching for other commands that require elevated permissions  rationallyparanoid com had a list of a few  so I ran each command on the two opposite extremes of current Windows OSs  XP and 8  in the hopes of finding a command that would be denied access on both OSs when run with standard permissions     Eventually  I did find one - NET SESSION  A true  clean  universal solution that doesn t involve    the creation of or interaction with data in secure locations analyzing data returned from FOR loops searching strings for  Administrator  using AT  Windows 8 incompatible  or WHOAMI  Windows XP incompatible       Each of which have their own security  usability  and portability issues    nbsp   Testing  I ve independently confirmed that this works on    Windows XP  x86 Windows XP  x64 Windows Vista  x86 Windows Vista  x64 Windows 7  x86 Windows 7  x64 Windows 8  x86 Windows 8  x64   Windows 10 v1909  x64    see screenshot  2    nbsp   Implementation   Usage  So  to use this solution  simply do something like this    echo off goto check Permissions   check Permissions     echo Administrative permissions required  Detecting permissions         net session  gt nul 2 gt  amp 1     if  errorLevel     0           echo Success  Administrative permissions confirmed        else           echo Failure  Current permissions inadequate             pause  gt nul   Available here  if you re lazy  https   dl dropbox com u 27573003 Distribution Binaries check Permissions bat   nbsp   Explanation  NET SESSION is a standard command used to  manage server computer connections  Used without parameters   it  displays information about all sessions with the local computer    So  here s the basic process of my given implementation     echo off   Disable displaying of commands  goto check Permissions   Jump to the  check Permissions code block  net session  gt nul 2 gt  amp 1   Run command Hide visual output of command by   Redirecting the standard output  numeric handle 1   STDOUT  stream to nul  Redirecting the standard error output stream  numeric handle 2   STDERR  to the same destination as numeric handle 1   if  errorLevel     0   If the value of the exit code   errorLevel   is 0 then this means that no errors have occurred and  therefore  the immediate previous command ran successfully  else   If the value of the exit code   errorLevel   is not 0 then this means that errors have occurred and  therefore  the immediate previous command ran unsuccessfully  The code between the respective parenthesis will be executed depending on which criteria is met    nbsp   Screenshots  Windows 8 AT  errorLevel       nbsp   NET SESSION on Windows XP x86 - Windows 8 x64      nbsp   Thank you   Tilka  for changing your accepted answer to mine

User · Answer

gt nul 2 gt  amp 1   SYSTEMROOT  system32 cacls exe    SYSTEMROOT  system32 config system  amp  amp    echo admin

User · Answer

The following tries to create a file in the Windows directory  If it suceeds it will remove it   copy  b y NUL  WINDIR  06CF2EB6-94E6-4a60-91D8-AB945AE8CF38  gt NUL 2 gt  amp 1 if errorlevel 1 goto nonadmin del  WINDIR  06CF2EB6-94E6-4a60-91D8-AB945AE8CF38  gt NUL 2 gt  amp 1  admin rem here you are administrator goto eof  nonadmin rem here you are not administrator goto eof   Note that 06CF2EB6-94E6-4a60-91D8-AB945AE8CF38 is a GUID that was generated today and it is assumed to be improbable to conflict with an existing filename

User · Answer

I have two ways of checking for privileged access  both are pretty reliable  and very portable across almost every windows version   1  Method  set guid  random  random - random - random - random - random  random  random   mkdir  WINDIR   guid  gt nul 2 gt  amp 1 rmdir  WINDIR   guid  gt nul 2 gt  amp 1  IF  ERRORLEVEL   0       ECHO PRIVILEGED    ELSE       ECHO NOT PRIVILEGED         This is one of the most reliable methods  because of its simplicity  and the behavior of this very primitive command is very unlikely to  change  That is not the case of other built-in CLI tools like net session that can be disabled by admin network policies  or commands like fsutils that changed the output on Windows 10      Works on XP and later  2  Method  REG ADD HKLM  F gt nul 2 gt  amp 1  IF  ERRORLEVEL   0       ECHO PRIVILEGED    ELSE       ECHO NOT PRIVILEGED         Sometimes you don t like the idea of touching the user disk  even if it is as inoffensive as using fsutils or creating a empty folder  is   it unprovable but it can result in a catastrophic failure if something goes wrong  In this scenario you can just check the registry for privileges       For this you can try to create a key on HKEY LOCAL MACHINE using default permissions you ll get Access Denied and the ERRORLEVEL    1  but if you run as Admin  it will print  command executed successfully  and ERRORLEVEL    0  Since the key already exists it have no effect on the registry  This is probably the fastest way  and the REG is there for a long time         It s not avaliable on pre NT  Win 9X       Works on XP and later    Working example  A script that clear the temp folder   x000D   x000D   echo off x000D   main x000D      echo  x000D      echo  Clear Temp Files script x000D      echo  x000D   x000D      call  requirePrivilegies x000D   x000D      rem Do something that require privilegies x000D   x000D      echo   x000D      del  temp      x000D      echo  End  x000D   x000D      pause gt nul x000D  goto  eof x000D   x000D   x000D   requirePrivilegies x000D      set guid  random  random - random - random - random - random  random  random  x000D      mkdir  WINDIR   guid  gt nul 2 gt  amp 1 x000D      rmdir  WINDIR   guid  gt nul 2 gt  amp 1 x000D      IF NOT  ERRORLEVEL   0   x000D          echo            ERROR  ADMINISTRATOR PRIVILEGES REQUIRED             x000D          echo   This script must be run as administrator to work properly     x000D          echo   Right click on the script and select  Run As Administrator    x000D          echo                                                                 x000D          pause gt nul x000D          exit x000D        x000D  goto  eof x000D   x000D   x000D

User · Answer

In the batch script Elevate cmd  see this link   which I have written to get admin rights  I have done it the following way    checkPrivileges   NET FILE 1 gt NUL 2 gt NUL   if   errorlevel       0    goto gotPrivileges   else   goto getPrivileges     This is tested for Windows 7  8  8 1  10 and even Windows XP and does not need any resource such as a special directory  file or registry key

User · Answer

echo off ver set ADMDIR C  Users Administrator dir  ADMDIR  1 gt nul 2 gt  amp 1 echo   errorlevel    ADMDIR  if   errorlevel     0  goto main    further checks e g  try to list the contents of admin folders    wherever they are stored on older versions of Windows echo You need administrator privileges to run this script   0 echo Exiting    exit  b   main echo Executing with Administrator privileges

User · Answer

I think the simplest way is trying to change the system date  that requires admin rights    date  date  if errorlevel 1      echo You have NOT admin rights   else      echo You have admin rights     If  date  variable may include the day of week  just get the date from last part of DATE command   for  F  delims     a in   date   lt NUL   do set  today   a   amp  goto break  break for   a in   today   do set  today   a  date  today  if errorlevel 1

User · Answer

Not only check but GETTING admin rights automatically aka Automatic UAC for Win 7 8 8 1 ff   The following is a really cool one with one more feature  This batch snippet does not only check for admin rights  but gets them automatically   and tests before  if living on an UAC capable OS    With this trick you don  t need longer to right klick on your batch file  with admin rights   If you have forgotten  to start it with elevated rights  UAC comes up automatically  Moreoever  at first it is tested  if the OS needs provides UAC  so it behaves correct e g  for Win 2000 XP until Win 8 1- tested    echo off REM Quick test for Windows generation  UAC aware or not   all OS before NT4 ignored for simplicity SET NewOSWith UAC YES VER   FINDSTR  IL  5    gt  NUL IF  ERRORLEVEL     0 SET NewOSWith UAC NO VER   FINDSTR  IL  4    gt  NUL IF  ERRORLEVEL     0 SET NewOSWith UAC NO   REM Test if Admin CALL NET SESSION  gt nul 2 gt  amp 1 IF NOT  ERRORLEVEL     0        if  i   NewOSWith UAC     YES            rem Start batch again with UAC         echo Set UAC   CreateObject   Shell Application     gt    temp  getadmin vbs          echo UAC ShellExecute    s0            runas   1  gt  gt    temp  getadmin vbs            temp  getadmin vbs          del   temp  getadmin vbs          exit  B            rem Program will now start again automatically with admin rights       rem pause     goto  eof     The snippet merges some good batch patterns together  especially  1  the admin test in this thread by Ben Hooper and  2  the UAC activation read on BatchGotAdmin and cited on the batch site by robvanderwoude  respect    3  For the OS identificaton by  VER   FINDSTR pattern  I just don t find the reference     Concerning some very minor restrictions  when  NET SESSION  do not work as mentioned in another answer- feel free to insert another of those commands  For me running in Windows safe mode or special standard services down and such are not an important use cases- for some admins maybe they are

User · Answer

Edit  copyitright has pointed out that this is unreliable  Approving read access with UAC will allow dir to succeed  I have a bit more script to offer another possibility  but it s not read-only   reg query  HKLM SOFTWARE Foo   gt NUL 2 gt NUL  amp  amp  goto  error key exists reg add  HKLM SOFTWARE Foo   f  gt NUL 2 gt NUL    goto  error not admin reg delete  HKLM SOFTWARE Foo   f  gt NUL 2 gt NUL    goto  error failed delete goto  success   error failed delete   echo Error unable to delete test key   exit  b 3  error key exists   echo Error test key exists   exit  b 2  error not admin   echo Not admin   exit  b 1  success   echo Am admin     Old answer below  Warning  unreliable    Based on a number of other good answers here and points brought up by and31415 I found that I am a fan of the following   dir   SystemRoot  System32 config DRIVERS  2 gt nul  gt nul    echo Not Admin   Few dependencies and fast

User · Answer

PowerShell anyone   param        string  Role    Administrators      check for local role   identity    New-Object Security Principal WindowsIdentity  env UserName   principal   New-Object Security Principal WindowsPrincipal  identity   Write-Host  IsInRole   Role       principal IsInRole  Role    enumerate AD roles and lookup   groups    identity  GetCurrent   Groups foreach   group in  groups         trans    group Translate  Security Principal NTAccount        if   trans Value -eq  Role           Write-Host  User is in   Role  role

User · Answer

Another way to do this   REM                 CHECKING OR IS STARTED AS ADMINISTRATOR                FSUTIL   findstr  I  volume   gt  nul amp if not errorlevel 1  goto Administrator OK  cls echo                                                         echo        R U N    A S    A D M I N I S T R A T O R        echo                                                         echo  echo  echo Call up just as the Administrator  Abbreviation can be done to the script and set  echo  echo      Shortcut   gt  Advanced   gt  Run as Administrator echo  echo  echo Alternatively  a single run  Run as Administrator  echo or in the Schedule tasks with highest privileges pause  gt  nul goto eof  Administrator OK  REM Some next lines code

User · Answer

Here s my 2-pennies worth   I needed a batch to run within a Domain environment during the user login process  within a  workroom  environment  seeing users adhere to a  lock-down  policy and restricted view  mainly distributed via GPO sets    A Domain GPO set is applied before an AD user linked login script Creating a GPO login script was too per-mature as the users  new  profile hadn t been created loaded or ready in time to apply a  remove and or Pin  taskbar and Start Menu items vbscript   add some local files   e g   The proposed  default-user  profile environment requires a   URL    lnk  shortcut placed within the   ProgramData  Microsoft Windows Start Menu Programs MyNewOWA url    and the  C  Users Public Desktop  MyNewOWA url   locations  amongst other items  The users have multiple machines within the domain  where only these set  workroom  PCs require these policies   These folders require  Admin  rights to modify  and although the  Domain User  is part of the local  Admin  group - UAC was the next challenge   Found various adaptations and amalgamated here  I do have some users with BYOD devices as well that required other files with perm issues  Have not tested on XP  a little too old an OS   but the code is present  would love feed back          ------------------------------------------------------------------------        You have a royalty-free right to use  modify  reproduce and distribute        the Sample Application Files  and or any modified version  in any way        you find useful  provided that you agree that the author provides        no warranty  obligations or liability for any Sample Application Files         ------------------------------------------------------------------------                                                                                                  Sample batch script to demonstrate the usage of RunAs cmd                 File            RunAs cmd         Date            12 10 2013         Version         1 0 2                 Main Function   Verifies status of  bespoke  Scripts ability to  Run As - Admin                          elevated privileges and without UAC prompt                 Usage           Run RunAs cmd from desired location                 Bespoke cmd will be created and called from C  Utilities location                 Choose whether to delete the script after its run by removing out-comment                              before the  Del  q Bespoke cmd  command                 Distributed under a  GNU GPL  type basis                  Revisions          1 0 0 - 08 10 2013 - Created          1 0 1 - 09 10 2013 - Include new path creation          1 0 2 - 12 10 2013 - Modify shorten UAC disable process for Admins                 REFERENCES          Sample    inf  secpol msc export from Wins 8 x64   bottom           Would be default but for  no password complexities                  To recreate UAC default           Goto Secpol  edit out Exit  modify  inf set  export as  Wins8x64 inf           and import using secedit cmd provided                                                                                                       echo off  amp  cls     color 9F     Title RUN AS     Setlocal        Verify local folder availability for script     IF NOT EXIST C  Utilities           mkdir C  Utilities  amp  GOTO GenBatch       ELSE           Goto GenBatch            GenBatch     c      cd      cd C  Utilities     IF NOT EXIST C  Utilities Bespoke cmd           GOTO CreateBatch       ELSE           Goto RunBatch            CreateBatch     Echo   gt Bespoke cmd     Echo    ------------------------------------------------------------------------  gt  gt Bespoke cmd     Echo    You have a royalty-free right to use  modify  reproduce and distribute  gt  gt Bespoke cmd     Echo    the Sample Application Files  and or any modified version  in any way  gt  gt Bespoke cmd     Echo    you find useful  provided that you agree that the author provides  gt  gt Bespoke cmd     Echo    has no warranty  obligations or liability for any Sample Application Files   gt  gt Bespoke cmd     Echo    ------------------------------------------------------------------------  gt  gt Bespoke cmd     Echo   gt  gt Bespoke cmd     Echo                                                                                      gt  gt Bespoke cmd     Echo     Sample batch script to demonstrate the usage of Bespoke cmd  gt  gt Bespoke cmd     Echo      gt  gt Bespoke cmd     Echo     File            Bespoke cmd  gt  gt Bespoke cmd     Echo     Date            10 10 2013  gt  gt Bespoke cmd     Echo     Version         1 0 1  gt  gt Bespoke cmd     Echo      gt  gt Bespoke cmd     Echo     Main Function   Allows for running of Bespoke batch with elevated rights and no future UAC  pop-up   gt  gt Bespoke cmd     Echo      gt  gt Bespoke cmd     Echo     Usage           Called and created by RunAs cmd run from desired location  gt  gt Bespoke cmd     Echo                     Found in the C  Utilities folder  gt  gt Bespoke cmd     Echo      gt  gt Bespoke cmd     Echo     Distributed under a  GNU GPL  type basis   gt  gt Bespoke cmd     Echo      gt  gt Bespoke cmd     Echo     Revisions   gt  gt Bespoke cmd     Echo     1 0 0 - 09 10 2013 - Created   gt  gt Bespoke cmd     Echo     1 0 1 - 10 10 2013 - Modified  added ability to temp disable UAC pop-up warning   gt  gt Bespoke cmd     Echo      gt  gt Bespoke cmd     Echo     REFERENCES   gt  gt Bespoke cmd     Echo      gt  gt Bespoke cmd     Echo     Exit code     ErrorLevel    0 - No errors have occurred  i e  immediate previous command ran successfully  gt  gt Bespoke cmd     Echo     Exit code     ErrorLevel    1 - Errors occurred  i e  immediate previous command ran Unsuccessfully  gt  gt Bespoke cmd     Echo      gt  gt Bespoke cmd     Echo     MS OS version check  gt  gt Bespoke cmd     Echo     http   msdn microsoft com en-us library windows desktop ms724833 28v vs 85 29 aspx  gt  gt Bespoke cmd     Echo      gt  gt Bespoke cmd     Echo     Copying to certain folders and running certain apps require elevated perms  gt  gt Bespoke cmd     Echo     Even with  Run As      perms  UAC still pops up   gt  gt Bespoke cmd     Echo      gt  gt Bespoke cmd     Echo     To run a script or application in the Windows Shell  gt  gt Bespoke cmd     Echo     http   ss64 com vb shellexecute html  gt  gt Bespoke cmd     Echo      gt  gt Bespoke cmd     Echo     Machines joined to a corporate Domain should have the UAC feature set from  and  gt  gt Bespoke cmd     Echo     pushed out from a DC GPO policy  gt  gt Bespoke cmd     Echo     e g    Computer Configuration - Policies - Windows Settings - Security Settings -   gt  gt Bespoke cmd     Echo     Local Policies Security Options - User Account Control -   gt  gt Bespoke cmd     Echo     Policy  User Account Control  Behavior of the elevation prompt for administrators  gt  gt Bespoke cmd     Echo             in Admin Approval Mode  Setting  Elevate without prompting  gt  gt Bespoke cmd     Echo      gt  gt Bespoke cmd     Echo                                                                                      gt  gt Bespoke cmd     Echo  gt  gt Bespoke cmd     Echo  Echo off   amp  cls gt  gt Bespoke cmd     Echo color 9F gt  gt Bespoke cmd     Echo Title RUN AS ADMIN gt  gt Bespoke cmd     Echo Setlocal gt  gt Bespoke cmd     Echo  gt  gt Bespoke cmd     Echo Set   OSVer   gt  gt Bespoke cmd     Echo Set   OSVer UAC  gt  gt Bespoke cmd     Echo VER    FINDSTR  IL  5     gt NUL gt  gt Bespoke cmd     Echo IF    ErrorLevel    0 SET   OSVer PreUAC  gt  gt Bespoke cmd     Echo IF     OSVer    PreUAC Goto XPAdmin gt  gt Bespoke cmd     Echo  gt  gt Bespoke cmd     Echo    Check if machine part of a Domain or within a Workgroup environment  gt  gt Bespoke cmd     Echo Set   DomainStat   gt  gt Bespoke cmd     Echo Set   DomainStat   USERDOMAIN    gt  gt Bespoke cmd     Echo If  i     DomainStat   EQU    computername     gt  gt Bespoke cmd     Echo Goto WorkgroupMember gt  gt Bespoke cmd     Echo   ELSE   gt  gt Bespoke cmd     Echo Set   DomainStat DomMember    amp  Goto DomainMember gt  gt Bespoke cmd     Echo   gt  gt Bespoke cmd     Echo  gt  gt Bespoke cmd     Echo  WorkgroupMember gt  gt Bespoke cmd     Echo    Verify status of Secpol msc  ConsentPromptBehaviorAdmin  Reg key  gt  gt Bespoke cmd     Echo reg query  HKEY LOCAL MACHINE SOFTWARE Microsoft Windows CurrentVersion Policies System   v ConsentPromptBehaviorAdmin    Find  i  0x0  gt  gt Bespoke cmd     Echo  gt  gt Bespoke cmd     Echo If    ErrorLevel    0   gt  gt Bespoke cmd     Echo    Goto BespokeBuild gt  gt Bespoke cmd     Echo   Else   gt  gt Bespoke cmd     Echo    Goto DisUAC gt  gt Bespoke cmd     Echo   gt  gt Bespoke cmd     Echo  DisUAC gt  gt Bespoke cmd     Echo  XPAdmin gt  gt Bespoke cmd     Echo  DomainMember gt  gt Bespoke cmd     Echo    Get ADMIN Privileges  Start batch again  modify UAC ConsentPromptBehaviorAdmin reg if needed  gt  gt Bespoke cmd     Echo   gt nul  2  gt   amp 1       SYSTEMROOT   system32 cacls exe          SYSTEMROOT   system32 config system   gt  gt Bespoke cmd     Echo  gt  gt Bespoke cmd     Echo IF       Errorlevel      NEQ  0    gt  gt Bespoke cmd     Echo    echo Set objShell   CreateObject    Shell Application       gt        temp   getadmin vbs   gt  gt Bespoke cmd     Echo    echo objShell ShellExecute       s0              runas   1   gt   gt        temp   getadmin vbs   gt  gt Bespoke cmd     Echo          temp   getadmin vbs   gt  gt Bespoke cmd     Echo    del       temp   getadmin vbs   gt  gt Bespoke cmd     Echo    exit  B gt  gt Bespoke cmd     Echo   else   gt  gt Bespoke cmd     Echo    pushd       cd     gt  gt Bespoke cmd     Echo    cd  d       dp0   gt  gt Bespoke cmd     Echo     echo off gt  gt Bespoke cmd     Echo   gt  gt Bespoke cmd     Echo  gt  gt Bespoke cmd     Echo IF     OSVer    PreUAC Goto BespokeBuild gt  gt Bespoke cmd     Echo IF     DomainStat    DomMember Goto BespokeBuild gt  gt Bespoke cmd     Echo  gt  gt Bespoke cmd     Echo reg add  HKEY LOCAL MACHINE SOFTWARE Microsoft Windows CurrentVersion Policies System   v ConsentPromptBehaviorAdmin  t REG DWORD  d 0  f gt  gt Bespoke cmd     Echo  gt  gt Bespoke cmd     Echo  BespokeBuild gt  gt Bespoke cmd     Echo    Add your script requiring elevated perm and no UAC below   gt  gt Bespoke cmd     Echo  gt  gt Bespoke cmd         PROVIDE BRIEF EXPLINATION AS TO WHAT YOUR SCRIPT WILL ACHIEVE     Echo            ADD THE  PAUSE  BELOW ONLY IF YOU SET TO SEE RESULTS FROM YOUR SCRIPT     Echo Pause gt  gt Bespoke cmd      Echo Goto EOF gt  gt Bespoke cmd     Echo  EOF gt  gt Bespoke cmd     Echo Exit gt  gt Bespoke cmd      Timeout  T 1  NOBREAK  gt Nul      RunBatch     call  Bespoke cmd         Del  F  Q  Bespoke cmd        Secpol        Edit out the  Exit  rem or     to run  amp  import default wins 8 security policy provided below     Exit         Check if machine part of a Domain or within a Workgroup environment     Set   DomainStat       Set  DomainStat  USERDOMAIN      If  i   DomainStat  EQU  computername            Goto WorkgroupPC       ELSE           Echo PC Member of a Domain  Security Policy determined by GPO         Pause         Goto EOF             WorkgroupPC      reg query  HKEY LOCAL MACHINE SOFTWARE Microsoft Windows CurrentVersion Policies System   v ConsentPromptBehaviorAdmin   Find  i  0x5      Echo      If  ErrorLevel   0           Echo Machine already set for UAC  Prompt          Pause         Goto EOF       else           Goto EnableUAC            EnableUAC     IF NOT EXIST C  Utilities Wins8x64Def inf           GOTO CreateInf       ELSE           Goto RunInf            CreateInf        This will create the default    inf  file and import it into the         local security policy for the Wins 8 machine     Echo  Unicode  gt  gt Wins8x64Def inf     Echo Unicode yes gt  gt Wins8x64Def inf     Echo  System Access  gt  gt Wins8x64Def inf     Echo MinimumPasswordAge    0 gt  gt Wins8x64Def inf     Echo MaximumPasswordAge    -1 gt  gt Wins8x64Def inf     Echo MinimumPasswordLength    0 gt  gt Wins8x64Def inf     Echo PasswordComplexity    0 gt  gt Wins8x64Def inf     Echo PasswordHistorySize    0 gt  gt Wins8x64Def inf     Echo LockoutBadCount    0 gt  gt Wins8x64Def inf     Echo RequireLogonToChangePassword    0 gt  gt Wins8x64Def inf     Echo ForceLogoffWhenHourExpire    0 gt  gt Wins8x64Def inf     Echo NewAdministratorName      Administrator   gt  gt Wins8x64Def inf     Echo NewGuestName      Guest   gt  gt Wins8x64Def inf     Echo ClearTextPassword    0 gt  gt Wins8x64Def inf     Echo LSAAnonymousNameLookup    0 gt  gt Wins8x64Def inf     Echo EnableAdminAccount    0 gt  gt Wins8x64Def inf     Echo EnableGuestAccount    0 gt  gt Wins8x64Def inf     Echo  Event Audit  gt  gt Wins8x64Def inf     Echo AuditSystemEvents    0 gt  gt Wins8x64Def inf     Echo AuditLogonEvents    0 gt  gt Wins8x64Def inf     Echo AuditObjectAccess    0 gt  gt Wins8x64Def inf     Echo AuditPrivilegeUse    0 gt  gt Wins8x64Def inf     Echo AuditPolicyChange    0 gt  gt Wins8x64Def inf     Echo AuditAccountManage    0 gt  gt Wins8x64Def inf     Echo AuditProcessTracking    0 gt  gt Wins8x64Def inf     Echo AuditDSAccess    0 gt  gt Wins8x64Def inf     Echo AuditAccountLogon    0 gt  gt Wins8x64Def inf     Echo  Registry Values  gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows NT CurrentVersion Setup RecoveryConsole SecurityLevel 4  0 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows NT CurrentVersion Setup RecoveryConsole SetCommand 4  0 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows NT CurrentVersion Winlogon CachedLogonsCount 1  10  gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows NT CurrentVersion Winlogon ForceUnlockLogon 4  0 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows NT CurrentVersion Winlogon PasswordExpiryWarning 4 5 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows NT CurrentVersion Winlogon ScRemoveOption 1  0  gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System ConsentPromptBehaviorAdmin 4 5 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System ConsentPromptBehaviorUser 4 3 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System DisableCAD 4 1 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System DontDisplayLastUserName 4  0 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System EnableInstallerDetection 4 1 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System EnableLUA 4 1 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System EnableSecureUIAPaths 4 1 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System EnableUIADesktopToggle 4  0 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System EnableVirtualization 4 1 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System FilterAdministratorToken 4  0 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System LegalNoticeCaption 1    gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System LegalNoticeText 7  gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System PromptOnSecureDesktop 4 1 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System ScForceOption 4  0 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System ShutdownWithoutLogon 4 1 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System UndockWithoutLogon 4 1 gt  gt Wins8x64Def inf     Echo MACHINE Software Microsoft Windows CurrentVersion Policies System ValidateAdminCodeSignatures 4  0 gt  gt Wins8x64Def inf     Echo MACHINE Software Policies Microsoft Windows Safer CodeIdentifiers AuthenticodeEnabled 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Lsa AuditBaseObjects 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Lsa CrashOnAuditFail 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Lsa DisableDomainCreds 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Lsa EveryoneIncludesAnonymous 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Lsa FIPSAlgorithmPolicy Enabled 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Lsa ForceGuest 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Lsa FullPrivilegeAuditing 3  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Lsa LimitBlankPasswordUse 4 1 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Lsa MSV1 0 NTLMMinClientSec 4 536870912 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Lsa MSV1 0 NTLMMinServerSec 4 536870912 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Lsa NoLMHash 4 1 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Lsa RestrictAnonymous 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Lsa RestrictAnonymousSAM 4 1 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Print Providers LanMan Print Services Servers AddPrinterDrivers 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control SecurePipeServers Winreg AllowedExactPaths Machine 7 System CurrentControlSet Control ProductOptions System CurrentControlSet Control Server Applications Software Microsoft Windows NT CurrentVersion gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control SecurePipeServers Winreg AllowedPaths Machine 7 System CurrentControlSet Control Print Printers System CurrentControlSet Services Eventlog Software Microsoft OLAP Server Software Microsoft Windows NT CurrentVersion Print Software Microsoft Windows NT CurrentVersion Windows System CurrentControlSet Control ContentIndex System CurrentControlSet Control Terminal Server System CurrentControlSet Control Terminal Server UserConfig System CurrentControlSet Control Terminal Server DefaultUserConfiguration Software Microsoft Windows NT CurrentVersion Perflib System CurrentControlSet Services SysmonLog gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Session Manager Kernel ObCaseInsensitive 4 1 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Session Manager Memory Management ClearPageFileAtShutdown 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Session Manager ProtectionMode 4 1 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Control Session Manager SubSystems optional 7 Posix gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services LanManServer Parameters AutoDisconnect 4 15 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services LanManServer Parameters EnableForcedLogOff 4 1 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services LanManServer Parameters EnableSecuritySignature 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services LanManServer Parameters NullSessionPipes 7  gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services LanManServer Parameters RequireSecuritySignature 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services LanManServer Parameters RestrictNullSessAccess 4 1 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services LanmanWorkstation Parameters EnablePlainTextPassword 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services LanmanWorkstation Parameters EnableSecuritySignature 4 1 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services LanmanWorkstation Parameters RequireSecuritySignature 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services LDAP LDAPClientIntegrity 4 1 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services Netlogon Parameters DisablePasswordChange 4  0 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services Netlogon Parameters MaximumPasswordAge 4 30 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services Netlogon Parameters RequireSignOrSeal 4 1 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services Netlogon Parameters RequireStrongKey 4 1 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services Netlogon Parameters SealSecureChannel 4 1 gt  gt Wins8x64Def inf     Echo MACHINE System CurrentControlSet Services Netlogon Parameters SignSecureChannel 4 1 gt  gt Wins8x64Def inf     Echo  Privilege Rights  gt  gt Wins8x64Def inf     Echo SeNetworkLogonRight    S-1-1-0  S-1-5-32-544  S-1-5-32-545  S-1-5-32-551 gt  gt Wins8x64Def inf     Echo SeBackupPrivilege    S-1-5-32-544  S-1-5-32-551 gt  gt Wins8x64Def inf     Echo SeChangeNotifyPrivilege    S-1-1-0  S-1-5-19  S-1-5-20  S-1-5-32-544  S-1-5-32-545  S-1-5-32-551  S-1-5-90- 0 gt  gt Wins8x64Def inf     Echo SeSystemtimePrivilege    S-1-5-19  S-1-5-32-544 gt  gt Wins8x64Def inf     Echo SeCreatePagefilePrivilege    S-1-5-32-544 gt  gt Wins8x64Def inf     Echo SeDebugPrivilege    S-1-5-32-544 gt  gt Wins8x64Def inf     Echo SeRemoteShutdownPrivilege    S-1-5-32-544 gt  gt Wins8x64Def inf     Echo SeAuditPrivilege    S-1-5-19  S-1-5-20 gt  gt Wins8x64Def inf     Echo SeIncreaseQuotaPrivilege    S-1-5-19  S-1-5-20  S-1-5-32-544 gt  gt Wins8x64Def inf     Echo SeIncreaseBasePriorityPrivilege    S-1-5-32-544 gt  gt Wins8x64Def inf     Echo SeLoadDriverPrivilege    S-1-5-32-544 gt  gt Wins8x64Def inf     Echo SeBatchLogonRight    S-1-5-32-544  S-1-5-32-551  S-1-5-32-559 gt  gt Wins8x64Def inf     Echo SeServiceLogonRight    S-1-5-80-0  S-1-5-83- 0 gt  gt Wins8x64Def inf     Echo SeInteractiveLogonRight   Guest  S-1-5-32-544  S-1-5-32-545  S-1-5-32-551 gt  gt Wins8x64Def inf     Echo SeSecurityPrivilege    S-1-5-32-544 gt  gt Wins8x64Def inf     Echo SeSystemEnvironmentPrivilege    S-1-5-32-544 gt  gt Wins8x64Def inf     Echo SeProfileSingleProcessPrivilege    S-1-5-32-544 gt  gt Wins8x64Def inf     Echo SeSystemProfilePrivilege    S-1-5-32-544  S-1-5-80-3139157870-2983391045-3678747466-658725712-1809340420 gt  gt Wins8x64Def inf     Echo SeAssignPrimaryTokenPrivilege    S-1-5-19  S-1-5-20 gt  gt Wins8x64Def inf     Echo SeRestorePrivilege    S-1-5-32-544  S-1-5-32-551 gt  gt Wins8x64Def inf     Echo SeShutdownPrivilege    S-1-5-32-544  S-1-5-32-545  S-1-5-32-551 gt  gt Wins8x64Def inf     Echo SeTakeOwnershipPrivilege    S-1-5-32-544 gt  gt Wins8x64Def inf     Echo SeDenyNetworkLogonRight   Guest gt  gt Wins8x64Def inf     Echo SeDenyInteractiveLogonRight   Guest gt  gt Wins8x64Def inf     Echo SeUndockPrivilege    S-1-5-32-544  S-1-5-32-545 gt  gt Wins8x64Def inf     Echo SeManageVolumePrivilege    S-1-5-32-544 gt  gt Wins8x64Def inf     Echo SeRemoteInteractiveLogonRight    S-1-5-32-544  S-1-5-32-555 gt  gt Wins8x64Def inf     Echo SeImpersonatePrivilege    S-1-5-19  S-1-5-20  S-1-5-32-544  S-1-5-6 gt  gt Wins8x64Def inf     Echo SeCreateGlobalPrivilege    S-1-5-19  S-1-5-20  S-1-5-32-544  S-1-5-6 gt  gt Wins8x64Def inf     Echo SeIncreaseWorkingSetPrivilege    S-1-5-32-545  S-1-5-90- 0 gt  gt Wins8x64Def inf     Echo SeTimeZonePrivilege    S-1-5-19  S-1-5-32-544  S-1-5-32-545 gt  gt Wins8x64Def inf     Echo SeCreateSymbolicLinkPrivilege    S-1-5-32-544  S-1-5-83- 0 gt  gt Wins8x64Def inf     Echo  Version  gt  gt Wins8x64Def inf     Echo signature   CHICAGO   gt  gt Wins8x64Def inf     Echo Revision 1 gt  gt Wins8x64Def inf       RunInf        Import  Wins8x64Def inf  with ADMIN Privileges  to modify UAC ConsentPromptBehaviorAdmin reg      gt nul 2 gt  amp 1   SYSTEMROOT  system32 cacls exe    SYSTEMROOT   system32 config system      IF   Errorlevel   NEQ  0            echo Set objShell   CreateObject   Shell Application     gt    temp  getadmin vbs          echo objShell ShellExecute    s0            runas   1  gt  gt    temp  getadmin vbs           temp   getadmin vbs          del   temp  getadmin vbs          exit  B         Secedit  configure  db secedit sdb  cfg C  Utilities Wins8x64Def inf  overwrite         Goto CheckUAC       else           Secedit  configure  db secedit sdb  cfg C  Utilities Wins8x64Def inf  overwrite          echo off            CheckUAC     reg query  HKEY LOCAL MACHINE SOFTWARE Microsoft Windows CurrentVersion Policies System   v ConsentPromptBehaviorAdmin   Find  i  0x5      Echo      If  ErrorLevel   0           Echo ConsentPromptBehaviorAdmin set to  Prompt          Pause         Del  Q C  Utilities Wins8x64Def inf         Goto EOF       else           Echo ConsentPromptBehaviorAdmin NOT set to default         Pause           ENDLOCAL      EOF     Exit   Domain PC s should be governed as much as possible by GPO sets  Workgroup Standalone machines can be governed by this script   Remember  a UAC prompt will pop-up at least once with a BYOD workgroup PC  as soon as the first elevating to  Admin perms  is required   but as the local security policy is modified for admin use from this point on  the pop-ups will disappear   A Domain PC should have the GPO  ConsentPromptBehaviorAdmin  policy set within your  already  created  Lock-down  policy - as explained in the script  REFERENCES  section   Again  run the secedit exe import of the default   inf  file if you are stuck on the whole  To UAC or Not to UAC  debate  -    btw   boileau Do check your failure on the    gt nul 2 gt  amp 1   SYSTEMROOT  system32 cacls exe    SYSTEMROOT  system32 config system    By running only   SYSTEMROOT  system32 cacls exe  or   SYSTEMROOT  system32 config system  or both from the command prompt - elevated or not  check the result across the board

User · Answer

Some servers disable services that the command  net session  requires  This results in the admin check always saying you don t have admin rights when you may have

User · Answer

whoami  groups   find  S-1-16-12288   gt  nul if not errorlevel 1     echo      connected as admin

User · Answer

echo off  start set randname  random  random  random  random  random  md  windows  randname  2 gt nul if  errorlevel   0  echo You re elevated    goto end  if  errorlevel   1  echo You re not elevated      goto end  goto start  end rd  windows  randname  2 gt nul pause  gt nul   I will explain the code line by line    echo off   Users will be annoyed with many more than 1 lines without this    start   Point where the program starts   set randname  random  random  random  random  random    Set the filename of the directory to be created   md  windows  randname  2 gt nul   Creates the directory on  lt DL gt   Windows  replace  lt DL  with drive letter    if  errorlevel   0  echo You re elevated    goto end    If the ERRORLEVEL environment variable is zero  then echo success message  Go to the end  don t proceed any further    if  errorlevel   1  echo You re not elevated      goto end    If ERRORLEVEL is one  echo failure message and go to the end   goto start   In case the filename already exists  recreate the folder  otherwise the goto end command will not let this run     end   Specify the ending point  rd  windows  randname  2 gt nul   Remove the created directory   pause  gt nul   Pause so the user can see the message   Note  The  gt nul and 2 gt nul are filtering the output of these commands

User · Answer

The cleanest way to check for admin privileges using a CMD script  that I have found  is something like this    echo off  REM  Calling verify with no args just checks the verify flag  REM   we use this for its side effect of setting errorlevel to zero verify  gt nul  REM  Attempt to read a particular system directory - the DIR REM   command will fail with a nonzero errorlevel if the directory is REM   unreadable by the current process   The DACL on the REM   c  windows system32 config systemprofile directory  by default  REM   only permits SYSTEM and Administrators  dir  windir  system32 config systemprofile  gt nul 2 gt nul  REM  Use IF ERRORLEVEL or  errorlevel  to check the result if not errorlevel 1 echo has Admin privs if     errorlevel 1 echo has only User privs   This method only uses CMD exe builtins  so it should be very fast   It also checks for the actual capabilities of the process rather than checking for SIDs or group memberships  so the effective permission is tested   And this works as far back as Windows 2003 and XP   Normal user processes or nonelevated processes fail the directory probe  where as Admin or elevated processes succeed

User · Answer

alternative solution    echo off pushd  SystemRoot  openfiles exe 1 gt nul 2 gt  amp 1 if not  errorlevel  equ 0       Echo here you are not administrator    else       Echo here you are administrator    popd Pause

User · Answer

The whoami  groups doesn t work in one case   If you have UAC totally turned off  not just notification turned off   and you started from an Administrator prompt then issued   runas  trustlevel 0x20000 cmd   you will be running non-elevated  but issuing   whoami  groups   will say you re elevated   It s wrong   Here s why it s wrong   When running in this state  if IsUserAdmin  https   msdn microsoft com en-us library windows desktop aa376389 v vs 85  aspx  returns FALSE and UAC is fully disabled  and GetTokenInformation returns TokenElevationTypeDefault  http   blogs msdn com b cjacks archive 2006 10 24 modifying-the-mandatory-integrity-level-for-a-securable-object-in-windows-vista aspx  then the process is not running elevated  but whoami  groups claims it is   really  the best way to do this from a batch file is   net session  gt nul 2 gt nul net session  gt nul 2 gt nul echo  errorlevel    You should do net session twice because if someone did an at before hand  you ll get the wrong information

User · Answer

net user  username   gt nul 2 gt  amp 1  amp  amp  echo admin    echo not admin

User · Answer

More issues  As pointed out by  Lectrode  if you try to run the net session command while the Server service is stopped  you receive the following error message   The Server service is not started   More help is available by typing NET HELPMSG 2114   In this case the  errorLevel  variable will be set to 2   Note The Server service is not started  while in Safe Mode  with or without networking    Looking for an alternative  Something that    can be run out of the box on Windows XP and later  32 and 64 bit   doesn t touch the registry or any system file folder  works regardless of the system locale  gives correct results even in Safe Mode    So I booted a vanilla Windows XP virtual machine and I started scrolling through the list of applications in the C  Windows System32 folder  trying to get some ideas  After trials and errors  this is the dirty  pun intended  approach I ve come up with   fsutil dirty query  systemdrive   gt nul   The fsutil dirty command requires admin rights to run  and will fail otherwise   systemdrive  is an environment variable which returns the drive letter where the operating system is installed  The output is redirected to nul  thus ignored  The  errorlevel  variable will be set to 0 only upon successful execution   Here is what the documentation says      Fsutil dirty      Queries or sets a volume s dirty bit  When a volume s dirty bit is set  autochk automatically checks the volume for errors the next time the computer is restarted       Syntax  fsutil dirty  query   set   lt VolumePath gt        Parameters  query           Queries the specified volume s dirty bit  set             Sets the specified volume s dirty bit   lt VolumePath gt     Specifies the drive name followed by a colon or GUID        Remarks      A volume s dirty bit indicates that the file system may be in an inconsistent state  The dirty bit can be set because          The volume is online and it has outstanding changes    Changes were made to the volume and the computer was shut down before the changes were committed to the disk    Corruption was detected on the volume          If the dirty bit is set when the computer restarts  chkdsk runs to verify the file system integrity and to attempt to fix any issues with the volume        Examples      To query the dirty bit on drive C  type   fsutil dirty query C     Further research  While the solution above works from Windows XP onwards  it s worth adding that Windows 2000 and Windows PE  Preinstalled Environment  don t come with fsutil exe  so we have to resort to something else   During my previous tests I noticed that running the sfc command without any parameters would either result in    an error  if you didn t have enough privileges  a list of the available parameters and their usage    That is  no parameters  no party  The idea is that we can parse the output and check if we got anything but an error   sfc 2 gt  amp 1   find  i   SCANNOW   gt nul   The error output is first redirected to the standard output  which is then piped to the find command  At this point we have to look for the only parameter that is supported in all Windows version since Windows 2000   SCANNOW  The search is case insensitive  and the output is discarded by redirecting it to nul   Here s an excerpt from the documentation      Sfc      Scans and verifies the integrity of all protected system files and replaces incorrect versions with correct versions       Remarks      You must be logged on as a member of the Administrators group to run sfc exe    Sample Usage  Here are some paste-and-run examples   Windows XP and later   echo off  call  isAdmin if  errorlevel     0   echo Running with admin rights    else   echo Error  Access denied     pause  gt nul exit  b   isAdmin fsutil dirty query  systemdrive   gt nul exit  b   Windows 2000   Windows PE   echo off  call  isAdmin if  errorlevel     0   echo Running with admin rights    else   echo Error  Access denied     pause  gt nul exit  b   isAdmin sfc 2 gt  amp 1   find  i   SCANNOW   gt nul exit  b   Applies to   Windows 2000 Windows XP Windows Vista Windows 7 Windows 8 Windows 8 1 ---  Windows PE

[windows] Batch script: how to check for admin rights

Examples related to windows

Examples related to batch-file

Examples related to cmd

Examples related to admin