TLDR version on the bottom. I would like to create a desktop shortcut that would open up command prompt as if I had used the 'Run as Admin' option, but by just double clicking a shortcut and then getting prompted for the password to use with a hardcoded username.
I have done this for 'Active Directory Users and Computers' with the following:
Target: C:\Windows\System32\runas.exe /netonly /user:adminusername@domain "mmc %SystemRoot%\system32\dsa.msc" Start In: %windir%\System32
When I click this shortcut, I get a command prompt just asking for me to type my admin account password and it opens AD Users and Computers with my admin account.
I tried this command with cmd.exe, but it runs it fully as that user instead of what I want which is running it as the logged in non-admin user, but with admin privileges granted by the admin user/password entered in the UAC prompt.
I found a similar question, but the only answer I see that actually answers the question does not do what I want (and I think also does not do what the OP of the other question wanted). https://stackoverflow.com/questions/5944180/how-do-you-run-a-command-as-an-administrator-from-the-windows-command-line#:~:text=84-,All,-you%20have%20to
The answer there suggests:
All you have to do is use the runas command to run your program as Administrator (with a caveat).
runas /user:Administrator "cmdName parameters" In my case, this was: runas /user:Administrator "cmd.exe /C %CD%\installer.cmd %CD%"
My problem with using this is it is different that choosing the run as administrator option from the cmd on the start menu. If you navigate to c:\users%username%\ the command above returns the runas/admin path. If you use the run as administrator option from the start menu, that command would return the user path of the logged in non-admin user. Also, it seems to also not even grant the cmd admin privileges somehow. When I ran net stop spooler from the window that opened, it gave an access denied error.
I know I can just make a shortcut to cmd.exe and in the properties choose run as admin to make it do an UAC prompt. I would like to avoid entering the username each time and want the result to be the same as what I do with my shortcut to Active Directory, where I only need to type the password.
Thanks!
TLDR version: When I click 'Run as administrator' in the command prompt options on the start menu, what command is actually being executed to have it run as the non-admin user, but be able to make administrator level changes?