There are a few options for standard user to run as Administrator (or any another user), however, even when logged as Administrator, some functions requires to run 'elevated'.
On a windows gui, just right click a .exe and select run as Administrator or even elevate 'cmd' or 'powershell'.
How can you get elevated privileges on Windows core?
Generally, to programmatically invoke an executable with elevation (Run as Administrator) on Windows, use the Start-Process cmdlet with -Verb RunAs.
This applies equally to pwsh.exe, the PowerShell Core executable, so that in the simplest case you can write:
# Open a new console window with PowerShell Core running with admin privileges.
Start-Process -Verb RunAs pwsh
If you wanted to wrap that in a convenience function that is also more robust and cross-edition on Windows (also works in Windows PowerShell):
function Enter-AdminPSSession {
Start-Process -Verb RunAs (Get-Process -Id $PID).Path
}
# Optionally also define a short alias name:
# Note: 'psa' is a nonstandard alias name; a more conformant name would be
# the somewhat clunky 'etasn'
# ('et' for 'Enter', 'a' for admin, and 'sn'` for session), analogous
# to built-in 'etsn' alias referring to 'Enter-PSSession'
Set-Alias psa Enter-AdminPSSession
If you want the function to also be cross-platform (to also work on Unix-like platforms):
function Enter-AdminPSSession {
if ($env:OS -eq 'Windows_NT') {
Start-Process -Verb RunAs (Get-Process -Id $PID).Path
} else {
sudo (Get-Process -Id $PID).Path
}
}
Important: Due to the cmdlets / utilities involved,
on Windows, the new session invariably opens in a new console window.
Administrator: )on Unix (Linux, macOS), the new session invariably opens in the same console (terminal) window.
whoami is a quick way to test for that (returns root in an admin session); a better solution would be to modify the prompt function to reflect an admin session in the prompt string, as the prepackage solution discussed next does.If you additionally want the ability to run commands in the new session and optionally auto-close it, much more work is needed:
You can download function Enter-AdminPSSession from this Gist, which:
enables passing commands to execute via a script block ({ ... })
keeps the session open by default, so that command output can be inspected, but you can opt-out with -Exit or -ExitOnSuccess (close the session only if no error occurred).
tries to reflect overall success of the commands passed via $LASTEXITCODE (even for PowerShell-native commands this variable is normally not set); 0 indicates success.
ensures that the calling session's current location (working directory) is also the elevated session's current location.
allows you to opt out of loading the profiles, with -NoProfile
prefixes the prompt string in interactive elevated sessions with [admin] , on all platforms - except if Oh My Posh is being used, which is assumed to use its own visualization to indicate the elevated status.
Assuming you have looked at the linked Gist's source code to ensure that it is safe (which I can personally assure you of, but you should always check), you can install Enter-AdminPSSession directly as follows:
irm https://gist.github.com/mklement0/f726dee9f0d3d444bf58cb81fda57884/raw/Enter-AdminPSSession.ps1 | iex
Example calls (which assume that Set-Alias psa Enter-AdminPSSession has been called):
psa
psa -NoProfile -ExitOnSuccess { Set-ExecutionPolicy -Scope LocalMachine RemoteSigned }
/etc/sudoers (which can only be read with administrative privileges), then exits:psa -Exit { Get-Content /etc/sudoers }