HOWTO: Run Remote Powershell Script as Administrator

Sooner or later, as you begin to hone your PowerShell skills, you’ll start writing scripts to automate repetitive tasks. If you run your workstation with standard user privileges, you’ll soon discover that it’s not possible to launch PowerShell scripts with administrative privileges by right-clicking the script and selecting Run as administrator from the context menu (which is available for most over types of executable). Today I’ll show you two ways that you can run remote powershell script with admin privileges.

1. Modify a Script to Force Elevation

Add this snippet of code to the beginning of your PowerShell script, and a UAC prompt will appear, asking for administrative credentials or consent before any subsequent code is executed.

  • param([switch]$Elevated)
  • function Check-Admin {
  • $currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
  • $currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
  • }
  • if ((Check-Admin) -eq $false) {
  • if ($elevated)
  • {
  • # could not elevate, quit
  • }
  • else {
  • Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))
  • }
  • exit
  • }

    The first step to Run Remote Powershell Script as Administrator is to Modify a Script to Force Elevation.png

    2. Run a Code from an Elevated Instance of the Windows PowerShell Integrated Scripting Environment (ISE)

    Alternatively, you can run scripts directly from inside the Windows PowerShell ISE. To start the ISE with administrative privileges:

    • Switch to the Start menu in Windows,
    • Type powershell ise, and make sure that PowerShell ISE is selected in the search results. Press CTRL+SHIFT+ENTER to start the ISE with elevated privileges and enter administrative credentials or give sent if prompted.

      start powershell ise

    • In the PowerShell ISE window, select Open from the File menu to load your script.
    • Once the script is loaded into the ISE, press F5 to run the script.
    • The Windows PowerShell ISE is a useful environment for creating and editing your scripts. You have access to all the installed PowerShell modules and their related commands, plus troubleshooting tools.

    3. How to Use Windows PowerShell 2.0 Remoting

    PowerShell Remoting infrastructure is based on WinRM version 2.0, and therefore inherits all the advantages of this technology, such as encrypting the data transferred, and the ability to work on standard HTTP / HTTPS ports. But thanks to the rich capabilities of the language of Windows PowerShell, and its ability to work with objects, we get even greater opportunities.

    Before you take advantage of all these advantages, PowerShell Remoting needs to be activated on the manager and on managed computers. It's easy to do this by running the cmdlet (Windows PowerShell command) Enable-PSRemoting. And if you add the -Force key, no confirmation will be requested. This cmdlet will call winrs quickconfig, if necessary, and create exceptions in Windows Firewall, so no further action is needed.

    After that, you can easily execute commands on other computers using the Invoke-Command cmdlet (or its alias icm)

    Invoke-Command -ComputerName Main -ScriptBlock {netsh interface dump > c:\ipconfig.txt}

    Of course, the command can be placed in a variable in advance and for the -ComputerName parameter specify the names of not just one but several computers. The following sequence allows you to display the version of the Explorer.exe file from three computers at once.

    $Command = {(get-item c:\Windows\explorer.exe).VersionInfo.FileVersion} Invoke-Command -ComputerName Main, Server7, Replica -ScriptBlock $Command

    The next step to Run Remote Powershell Script is to display the version of the Explorer

    As you can see, you can send several commands in one block at once, place their execution results on several computers into a variable, and then process them at the workstation using the capabilities of Windows PowerShell to work with objects.

    However, the PowerShell Remoting features are just beginning here. Using the Enter-PSSession cmdlet, you can log in to an interactive Windows PowerShell session on a remote computer. You can exit this session by using the Exit-PSSession cmdlet or simply Exit.

    The New-PSSession cmdlet creates sessions on remote computers, pointers to which can be placed in a variable, and then passing it as an argument for Invoke-Command to execute commands on several computers at once in a persistent environment. You can see an example in the screenshot where I am running a sequence of commands on several computers at once from the list c: \ computers.txt.

    Run Remote Powershell Script. Run a sequence of commands on several computers

    Also consider using Action1 to run remote powershell script if:

    • - You need to perform this action on multiple (hundreds or even thousands) computers simultaneously.
    • - Some of your endpoints are laptops not connected to corporate network at all times.

    Action1 is a cloud-based platform for software deployment, software/hardware inventory, patch management, endpoint configuration and more. It is free with basic functionality.


    Other Relevant HOWTOs: