Tag Archives: split token

Start programs elevated from a batch file

If you use batch files to automate tasks on a Windows 10, 8, 7 or Vista computer, you have probably encountered situations when you needed to start a program elevated (a.k.a. as administrator). For example, if you want to share a folder automatically from a batch file, you would use the net share command. However, unlike many other programs that ask for the administrator’s approval, net share does not do that and simply returns the error code 5 (“access denied”) if it was started by a standard user. How to force that program to start elevated from a batch file?

Password-protect and hide personal files and folders with Folder Guard for Windows 10,8,7, and XP.
User rating: 4.7/5
Purchase or download a free trial. Read more…

That’s the purpose of the Elevate utility that we’ve created to solve such a problem. Download the Zip file, uncompress it, and inside you should find two files: Elevate.exe and Elevate64.exe. (The latter is a native 64-bit compilation, if you require that, although the regular 32-bit version, Elevate.exe, should work fine with both the 32- and 64-bit versions of Windows).

Copy the file Elevate.exe into a folder where Windows can always find it (such as C:/Windows). To use it in a batch file, just prepend the command you want to execute as administrator with the elevate command, like this:

  elevate net share ...

and it should run the command net share as administrator. Of course, it does not relieve the administrator from the duty to approve the request (unless you have enabled the quiet mode of UAC or disabled the UAC altogether).

The syntax of the Elevate command is as follows:

  elevate [-opt1] [-opt2...] [path\]file[.exe] [param1 [param2...]]

Where -optN can be one of the following:

  -?         - Display the help screen and exit
  -info      - Open the web page with more information (the web page you are reading now!) and exit
  -wait4idle - Wait for the target process to initialize before returning
  -wait4exit - Wait for the target process to finish before returning
  -noui      - Don't display any messages, even if an error occurs

After the options, the following arguments should be entered:

  file       - The file name of the program to launch elevated
  paramN     - Optional parameters (as expected by the program being launched)

For example, if for some reason you want to run Notepad as administrator, and continue only after you exit Notepad, you would use a command like this:
  elevate   -wait4exit   notepad

If you use the elevate command while being logged in to Windows as a user that does not have a split token, that is as a non-administrator or a guest user, it will ask for the administrator’s password to continue. If you use it as the true administrator (that is, if UAC is disabled, or it you’ve launched the batch file itself as administrator), then no administrator’s approval would be required and it would launch the program as usual.

Encrypt and password-protect external drives with USBCrypt software for Windows 10,8,7, and XP.
User rating: 4.7/5
Purchase or download a free trial. Read more…

Can Elevate.exe be used on a Windows XP or Windows 2000 computer, even though they do not have UAC or users with the split tokens? Yes, it can! In such a case, if the batch file is executed by the administrator, then Elevate.exe runs the program as usual, without requiring any additional approval. If run by a restricted user, Elevate.exe has the same effect as the Run As command of Windows XP/2000: it gives the user an option to enter a different user’s credentials to lunch the program.

The return code of the elevate command depends on the result of its execution and whether you have specified the -wait4exit option or not. If the -wait4exit option is NOT specified, then elevate returns code 0 if it started the target process successfully, or an error code as reported by Windows. For example, if Windows could not find the target file, it usually returns code 2. If the file was found, but the administrator did not approve the request to start the program elevated, the return code is 5. And so on.

However, if you have specified the -wait4exit option on the command line, then if the target process was started successfully, the elevate command would wait for it to finish and return the exit code from that process. The returned value in such a case depends on the program being launched be the elevate command. As with other commands, you can access the return code in a batch file via the ERRORLEVEL variable.

It’s FREE. For Windows 2000 and later. License…

Download Elevate.zip

NOTE: There is a known Windows problem: you cannot start a batch file elevated while passing arguments with quotes to it. A possible workaround is not to use elevate.exe to run a batch file elevated. Instead, run the batch file itself as the standard user, and put the elevate.exe command inside of the batch file to run whatever program you need to run elevated.

If you want to link to this article, you can use this HTML code: <a href=”http://www.winability.com/elevate/”>How to start programs elevated from a batch file</a>

Read more