Elevating permission

  • Question

  • In my PowerShell script, I am running an exe that deletes a registry key during its execution. The script to load the exe is as below:

    Start-Process ..\MyExe.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs

    But I suspect the registry key deletion is not working (DeleteSubKeyTree() throws an exception that the sub key does not exist, but it does exist) since I doubt there is still sufficient permission for the exe. My question is: does ExecutionPolicy Bypass give admin permission? I tried "Unrestricted" but that also doesn't give the required permission. How can the exe be given the required permission? Or does it already have the permission and something else is not working? The exe is x86 and the platform is Win10 64 bit. Hope my question makes sense. Thanks.


    • Edited by its_me_here Wednesday, July 5, 2017 8:04 PM
    Wednesday, July 5, 2017 8:02 PM

All replies

  • Execution Policy of PowerShell only dictates whether you have rights to run the script, and has nothing to do with whether you have the required privilege to do what your script is trying to do.

    I'd say check the permissions of the registry key and compare them with the account running the script.  If possible, log in as the account and use the built-in PS Drives HKLM or HKCU and try to list the key and see if you can.
    Wednesday, July 5, 2017 8:23 PM
  • The -ExecutionPolicy Bypass argument does not give Admin permissions.  It only bypasses the built-in PowerShell restriction of running scripts on the system.

    More reading on that below if you are interested:
    https://technet.microsoft.com/en-us/library/ee176961.aspx

    It will be difficult to determine why that portion of your exe is failing without being on the box itself, but here are some ideas:

    1. Are you running PowerShell from an elevated prompt (PowerShell > Run as Administrator)?
    2. Is the registry key that you are trying to modify in the Current User hive (HKCU) or System Hive (HKLM)?  If it's in the current user hive, then the user account running it will need admin rights to the system.
    3. Try creating a quick PowerShell script running under the same context that modifies the key that you care about or just run the actual command from within PowerShell.  The registry can actually be used as a "drive" within PowerShell, so you can browse it like a filesystem.  Here is a jumping off point for you on that tangent:
      https://blogs.technet.microsoft.com/heyscriptingguy/2012/05/07/use-the-powershell-registry-provider-to-simplify-registry-access/

    I hope some of those suggestions are helpful to you.  Security within PowerShell and the Windows OS has become very, very complex.  The more you can break it down and compartmentalize your testing, the more successful you will become in identifying the problem.

    Wednesday, July 5, 2017 8:28 PM
  • Indeed, ExecutionPolicy has nothing to do with it. 

    Further, for editing registry values you need Administrator permission. Have you already tried to run the .exe with Administrator rights without PowerShell?


    Sincerely, Martien van Dijk

    Wednesday, July 5, 2017 8:49 PM
  • The issue has nothing to do with execution policy.

    Why are you sending a script to the exe? 

    A 32 bit EXE cannot access the 64 bit registry.

    Admin is not required for registry access.

    To prove that do this at a PS prompt:

    cd hkcu:
    md test
    rd test

    It can execute without error.

    Admins cannot delete a protected key.

    Now rethink the issue and figure out what information you are ignoring or missing.


    \_(ツ)_/

    Wednesday, July 5, 2017 9:55 PM
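
Added example, not part of the original thread: a PowerShell check that separates the three causes raised in the replies (elevation, key permissions, and the 32-bit versus 64-bit registry view) by opening the same subkey in both views and reporting whether it is missing, writable, or access-denied. The subkey path `SOFTWARE\ExampleVendor\ExampleApp` and the function names are constructed placeholders.

```powershell
# Constructed placeholder: replace with the subkey the exe tries to delete.
$SubKey = 'SOFTWARE\ExampleVendor\ExampleApp'

function Test-IsElevated {
    # True only when the current process token is running elevated as an administrator.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-RegistryViewReport {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Microsoft.Win32.RegistryHive[]]$Hives = @('LocalMachine', 'CurrentUser')
    )
    $views = [Microsoft.Win32.RegistryView]::Registry64,
             [Microsoft.Win32.RegistryView]::Registry32
    foreach ($hive in $Hives) {
        foreach ($view in $views) {
            # OpenBaseKey selects the view explicitly, regardless of process bitness.
            # On 64-bit Windows a 32-bit process defaults to Registry32, where
            # HKLM\SOFTWARE is redirected to HKLM\SOFTWARE\WOW6432Node.
            $base = [Microsoft.Win32.RegistryKey]::OpenBaseKey($hive, $view)
            try {
                $status = 'Missing'
                try {
                    $key = $base.OpenSubKey($Path, $true)   # $true requests write access
                    if ($key) { $status = 'Writable'; $key.Dispose() }
                }
                catch [System.Security.SecurityException], [System.UnauthorizedAccessException] {
                    # The key exists in this view but the ACL denies write access.
                    $status = 'ExistsButAccessDenied'
                }
                [pscustomobject]@{ Hive = $hive; View = $view; Status = $status }
            }
            finally { $base.Dispose() }
        }
    }
}

"Elevated: $(Test-IsElevated); 64-bit process: $([Environment]::Is64BitProcess)"
Get-RegistryViewReport -Path $SubKey | Format-Table -AutoSize
```

A key reported as present under `Registry64` but `Missing` under `Registry32` is one an x86 exe will not find in its default view, whatever its privileges; `ExistsButAccessDenied` points to the key's ACL instead.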