locked
Issue with Parameter when using Run in Elevated mode code RRS feed

  • Question

  • Hello,

    Im using below code inserted at the beginning of my script so the script will ask for elevation

    param (
    	
      [Parameter(Mandatory=$true,Position=0, Helpmessage="Enter site SID")]
      [String]$SID,
      
    	
      [Parameter(Mandatory=$false,Position=1)]
      [String]$y
    )
    
    
    
    If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
    
    {   
    $arguments = "& '" + $myinvocation.mycommand.definition + "'"
    Start-Process powershell -Verb runAs -ArgumentList $arguments
    Break
    }

    My issue is with param section.

    If I have the code like this, Im asked for Parameter when I execute the script, then the elevation comes and the script will again ask for the parameter.

    If I put the elevation block before param section, the script asks for elevation, but then it does not ask for parameter anymore.

    What am I doing wrong?


    --------------------- Leos

    Saturday, November 4, 2017 7:54 PM

Answers

  • This is a cleaner and more readable way to do it:

    param (
        [Parameter(Mandatory = $true, Position = 0, Helpmessage = "Enter site SID")]
        [String]$SID,
        [Parameter(Mandatory = $false, Position = 1)]
        [String]$y
    )
    
    
    $bAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
    If (!$bAdmin){
        $argumentsList = @(
            '-File',
            $myinvocation.mycommand.definition,
            $SID,
            $y
        )
        Write-Host $argumentsList
        Start-Process powershell -Verb RunAs -ArgumentList $argumentsList
        exit #must exit first script 
    }
    
    # the following runs only after the script is re-launched as elevated.
    Write-Host $SID $Y
    pause


    \_(ツ)_/

    • Marked as answer by Leoš Marek Sunday, November 5, 2017 7:53 AM
    Saturday, November 4, 2017 11:27 PM

All replies

  • param ( [Parameter(Mandatory = $true, Position = 0, Helpmessage = "Enter site SID")] [String]$SID, [Parameter(Mandatory = $false, Position = 1)] [String]$y )

    If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { $arguments = @( '-File', $myinvocation.mycommand.definition, $SID, $y ) Write-Host $arguments Start-Process powershell -Verb runAs -ArgumentList $arguments exit # must exit first script }

    # the following runs only after the script is re-launched as elevated. Write-Host $SID $Y pause



    \_(ツ)_/







    • Edited by jrv Saturday, November 4, 2017 11:28 PM
    Saturday, November 4, 2017 11:12 PM
  • This is a cleaner and more readable way to do it:

    param (
        [Parameter(Mandatory = $true, Position = 0, Helpmessage = "Enter site SID")]
        [String]$SID,
        [Parameter(Mandatory = $false, Position = 1)]
        [String]$y
    )
    
    
    $bAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
    If (!$bAdmin){
        $argumentsList = @(
            '-File',
            $myinvocation.mycommand.definition,
            $SID,
            $y
        )
        Write-Host $argumentsList
        Start-Process powershell -Verb RunAs -ArgumentList $argumentsList
        exit #must exit first script 
    }
    
    # the following runs only after the script is re-launched as elevated.
    Write-Host $SID $Y
    pause


    \_(ツ)_/

    • Marked as answer by Leoš Marek Sunday, November 5, 2017 7:53 AM
    Saturday, November 4, 2017 11:27 PM
  • Thanks! One little further question - If I run such script in Elevated mode and I use invoke-command to remote computer, does that also run in Elevated on the target computer? L

    --------------------- Leos

    Sunday, November 5, 2017 7:53 AM
  • There is no such thing as remote elevation.  Only interactive session require elevation. Put another way - UAC does not apply to remote sessions.


    \_(ツ)_/

    Sunday, November 5, 2017 8:01 AM