locked
Issue with Parameter when using Run in Elevated mode code RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hello,

    Im using below code inserted at the beginning of my script so the script will ask for elevation

    param (
	
  [Parameter(Mandatory=$true,Position=0, Helpmessage="Enter site SID")]
  [String]$SID,
  
	
  [Parameter(Mandatory=$false,Position=1)]
  [String]$y
)



If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))

{   
$arguments = "& '" + $myinvocation.mycommand.definition + "'"
Start-Process powershell -Verb runAs -ArgumentList $arguments
Break
}

    My issue is with param section.

    If I have the code like this, Im asked for Parameter when I execute the script, then the elevation comes and the script will again ask for the parameter.

    If I put the elevation block before param section, the script asks for elevation, but then it does not ask for parameter anymore.

    What am I doing wrong?

    --------------------- Leos

    Saturday, November 4, 2017 7:54 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    This is a cleaner and more readable way to do it:

    param (
    [Parameter(Mandatory = $true, Position = 0, Helpmessage = "Enter site SID")]
    [String]$SID,
    [Parameter(Mandatory = $false, Position = 1)]
    [String]$y
)


$bAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
If (!$bAdmin){
    $argumentsList = @(
        '-File',
        $myinvocation.mycommand.definition,
        $SID,
        $y
    )
    Write-Host $argumentsList
    Start-Process powershell -Verb RunAs -ArgumentList $argumentsList
    exit #must exit first script 
}

# the following runs only after the script is re-launched as elevated.
Write-Host $SID $Y
pause

    \_(ツ)_/

    • Marked as answer by Leoš Marek Sunday, November 5, 2017 7:53 AM
    Saturday, November 4, 2017 11:27 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote 
    param (
    [Parameter(Mandatory = $true, Position = 0, Helpmessage = "Enter site SID")]
    [String]$SID,
    [Parameter(Mandatory = $false, Position = 1)]
    [String]$y
)

    If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
    $arguments = @(
        '-File',
        $myinvocation.mycommand.definition,
        $SID,
        $y
    )
    Write-Host $arguments
    Start-Process powershell -Verb runAs -ArgumentList $arguments
    exit  # must exit first script 
}

    # the following runs only after the script is re-launched as elevated.
Write-Host $SID $Y
pause

    \_(ツ)_/







    • Edited by jrv Saturday, November 4, 2017 11:28 PM
    Saturday, November 4, 2017 11:12 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    This is a cleaner and more readable way to do it:

    param (
    [Parameter(Mandatory = $true, Position = 0, Helpmessage = "Enter site SID")]
    [String]$SID,
    [Parameter(Mandatory = $false, Position = 1)]
    [String]$y
)


$bAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
If (!$bAdmin){
    $argumentsList = @(
        '-File',
        $myinvocation.mycommand.definition,
        $SID,
        $y
    )
    Write-Host $argumentsList
    Start-Process powershell -Verb RunAs -ArgumentList $argumentsList
    exit #must exit first script 
}

# the following runs only after the script is re-launched as elevated.
Write-Host $SID $Y
pause

    \_(ツ)_/

    • Marked as answer by Leoš Marek Sunday, November 5, 2017 7:53 AM
    Saturday, November 4, 2017 11:27 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Thanks! One little further question - If I run such script in Elevated mode and I use invoke-command to remote computer, does that also run in Elevated on the target computer? L

    --------------------- Leos

    Sunday, November 5, 2017 7:53 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    There is no such thing as remote elevation.  Only interactive session require elevation. Put another way - UAC does not apply to remote sessions.

    \_(ツ)_/

    Sunday, November 5, 2017 8:01 AM