Normally it is easy to open a program / script .bat
with elevation using the "Run as administrator" option of the right button.
But what if I want to run something with elevation from cmd
, a kind of sudo
, how to?
Normally it is easy to open a program / script .bat
with elevation using the "Run as administrator" option of the right button.
But what if I want to run something with elevation from cmd
, a kind of sudo
, how to?
The runas
Windows tool is equivalent to sudo
of Unix / Linux . Its syntax is:
runas [/profile | /noprofile] [/env] [/netonly | /savecred] [/showtrustlevels] [/trustlevel] /user:<UserName> "<PathToProgramFile>"
Examples
The command below executes the Command Prompt as root.
runas /user:Administrator cmd
Unix / Linux simply means:
sudo /bin/sh
Or through the command below:
su -
Note : If you do not use Bash you can know the shell you use from the command which sh
.
If you need to load the user profile you can do:
runas /profile /env /user:<Usuario> "notepad"
Unix / Linux can be equivalent to:
sudo -u <Usuario> -i
In contrast, if you do not want to load the user profile you can use:
runas /noprofile /user:<Usuario> "notepad"
With sudo
we could use:
sudo -u root vi /etc/sudoers
There are also external tools that can do the lifting, for example Sudo for Windows .
If you use ConEmu () it's a great alternative to the Windows Command Prompt ) you can use the csudo
command. to perform an action with privileges.
Otheralternativescanbeseen here .
We could create a batch file to accomplish this task through runas
:
@echo off
SETLOCAL ENABLEDELAYEDEXPANSION
set "ARG=%*"
if !ARG! == "" (
echo.Sem argumentos validos
goto :NOARGS
) ELSE (
goto :EXECRUNAS
exit /b 0
)
:NOARGS
echo.Modo de uso: %~n0 -u [usuario] [comando1, comando2, comandoN]
exit /b 0
:EXECRUNAS:
if "%1" == "-u" (
set USER=%2
SHIFT
) ELSE (
echo.Especifique o usuario & echo.
goto :NOARGS
)
SHIFT
set "skip=2"
for %%I IN (!ARG!) DO IF !skip! LEQ 0 (
set args=!args! %%I
) ELSE set /a skip-= 1
for %%i IN (!args!) do (
runas /env /user:!USER! "cmd /k \"%%i\""
)
echo.Tarefa Finalizada & echo.
exit /b 0
Just save the file with a name of your preference, with the extension .bat
and call it through the prompt like this:
bat_sudo -u [usuario] [comando1, comando2, comandoN]
For example:
bat_sudo -u Administrator gpedit.msc mmc regedit
Remembering that script separates commands through spaces, so if you pass a command like at 1
the script will interpret two commands as intended.
By default the local user (Domain =.) raised on windows in English is Administrator.
In this way:
runus /user:.\Administrator "path \ Program.exe"
Create a file sudo.bat
and paste it into the following content:
@echo Set objShell = CreateObject("Shell.Application") > %temp%\sudo.tmp.vbs
@echo args = Right("%*", (Len("%*") - Len("%1"))) >> %temp%\sudo.tmp.vbs
@echo objShell.ShellExecute "%1", args, "", "runas" >> %temp%\sudo.tmp.vbs
@cscript %temp%\sudo.tmp.vbs
If you want, you can put it in the C:\Windows
folder or another folder that is in the environment PATH variable, so that Windows recognizes it automatically.
Usage: sudo <executável>
(example: sudo notepad
), and it will open the UAC window for you .
We know that " runas " can not raise the privilege for a specific command on the command line. What it does is run a command with another user, in this case, being able to be the Administrator user.
It turns out that in the scenario where the user just wants to raise their process level to be equivalent to " Run as Administrator ", which exists in the context menu of each executable file, without changing the user.
In case of using Windows within a company, and although my user is in the local Administrators group, I do not have the password of the user " Administrator ", the use of " runes "does not resolve. So stop being equivalent to "sudo".
An alternative to " Sudo for Windows " is to use Elevate . It is a small utility that does exactly what "sudo command" does.
So, the following lines are equivalent:
sudo vim /etc/hosts
elevate notepad.exe c:\windows\system32\drivers\etc\hosts
runas /user:administrador "time 12"