The question recently came up on during an internal discussion about how to quickly (“one double-click”) elevate a script on a machine with UAC enabled without installing anything or manually configuring a shortcut to “Run as administrator”. So to answer this question I decided to share my “self-elevating” CMD script. This script relies on the same technique as my previous post on my updated version of Launchapp.wsf. It uses the method of detecting whether the script is running elevated from John Howard’s blog (http://blogs.technet.com/jhoward/archive/2008/11/19/how-to-detect-uac-elevation-from-vbscript.aspx), translated to CMD script. The following script will “re-launch itself” elevated if it is not already running elevated. This version (RelaunchElevated.cmd in the download below) requires that either that the Elevate Command PowerToy from here is installed or that elevate.cmd and elevate.vbs from the same download are in the same folder with the script or in the Windows search path.
:: Check for Mandatory Label\High Mandatory Level
whoami /groups | find "S-1-16-12288" > nul
if "%errorlevel%"=="0" (
echo Running as elevated user. Continuing script.
) else (
echo Not running as elevated user.
echo Relaunching Elevated: "%~dpnx0" %*
if exist "%CmdDir%\elevate.cmd" (
) else (
!ELEVATE_COMMAND! cmd /k cd /d "%~dp0" !CARET!^& call "%~dpnx0" %*
:: Continue script here
echo Arguments passed: %*
This script looks for the System Manadatory Label in the output of whoami /groups. If it is not found, the script uses the elevate command to launch a new instance of cmd.exe, changes the directory to the script directory, and re-launches itself with the same arguments.
In order the make the script even more self contained (i.e. requiring no additional files) I created another version of this script (RelaunchElevated_EmbeddedScripts.cmd in the download below) that creates elevate.cmd and elevate.vbs in %Temp% on the fly when it is run, uses them from there, and then deletes them after they are used.
- Michael Murgolo, Senior Consultant, Microsoft Services, U.S. East Region.