In windows 7, I'd like to schedule a program to be run with administrative privileges, without having the user need to respond to a prompt (which requests elevated privileges) every time the scheduled task is run. Is there any way to accomplish this goal without disabling UAC prompts for all applications?
Might not be relevant, but I'm trying to get this program to run at startup.
Open Task Scheduler
Create a new task
In the "General" tab - ensure the following settings are entered:
"Run whether user is logged on or not"
"Run with highest privileges"
"Configure For" (your operating system)
In the "Triggers" tab, when adding a trigger (schedule) - ensure that the "Enabled" checkbox is checked
The other tabs need to be looked at as well (actions etc) - but these are the options you should specify when trying to ensure a task runs regardless of which user is logged in, and without the UAC prompts.
When saving the task, you will be prompted to enter a username and password - this username and password is the user that will be used to execute the task. If you are running the task with "highest privileges" you will need to make sure this is an admin account.
Run whether user is logged on or not option, the program will not have a GUI (or tray icon). You have to disable that option for it to have a GUI, but then it can only run when the user logs in, which means it cannot run as admin. It’s a frustrating and common catch-22 that Microsoft missed and still seems to ignore.
You can provide administrator login. It will work:
I am reading that the task needs to be scheduled to run under the NT AUTHORITY\SYSTEM account, in order to execute the job as an Administrator. "Highest privileges" hasn't produced the same effect for us. Note that in the SYSTEM-run job case, the GUI option is grayed out, so there will be no prompt.
LOCAL SERVICE, NETWORK SERVICE, and SYSTEM, but SYSTEM was the only one that could actually perform automated maintenance such as starting and stopping services rather than just querying them.
It's weird that the Task Scheduler answer doesn't work for me. Combining with the need to frequently choose which app to autostart and which not, I come up with a PowerShell script to solve this:
# On UAC-enabled systems, to make sure a script is running with full admin privileges, add this code at the beginning of your script:
param([switch]$Elevated)
function Test-Admin {
$currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
$currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
}
if ((Test-Admin) -eq $false) {
if ($elevated) {
# tried to elevate, did not work, aborting
} else {
Start-Process pwsh -Verb RunAs -ArgumentList ('-noprofile -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))
}
}
'Running with full privileges'
& "path\to\file"
& "C:\Program Files\Example.exe"
exit
It just gives me more flexible. I place a shortcut of this script into the startup folder, with the target:
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -windowstyle hidden path\to\script.ps1
