Sorry for a noob question about the Windows command line. What is the best approach to authenticating as an administrator in the Windows command line?
I am working on a management app for a client that will install BitLocker on all of their organization’s computers, and I am looking at the option of using the command line program manage-bde for this (http://technet.microsoft.com/en-us/library/dd894351(v=ws.10).aspx) . To run manage-bde, I need to do the equivalent of “Open a Command Prompt window as an administrator”.
The app would already have access to the user’s account name and password… I am just not sure how to use the shell as an administrator. On the mac end, I could do this by entering a sudo command and entering the password when prompted.
My other option would be to access the Win32_EncryptableVolume WMI provider class, which I have played around with using the MBS plugins, but I am also having trouble figuring out how to authenticate there.
Thanks in advance for any help anyone can give.
I’m not a windows user so often but if my brain recalls correctly I think you can right click on the cmd app and choose “Run as administrator” or something like that.
Right. But I am looking to do this from inside an app I create without the user clicking on the command app.
Sorry, read your post way to fast 
Haha, no prob, thanks for taking time to answer!
In a UAC environment the only “work around” is to create a “middle man application” that has its properties set to “run as administrator” set true. The purpose of the middle man application is solely to execute and/or pass parameters to the cmd.exe. since the middle man application has its privileges elevated, any process it spawns will automatically be elevated as well. This is the only option as PSEXEC will not work.
This is what I’ve done to get around the problem. In this case the “middle man application” is a VBScript generated from within your program.
Ok, that’s very helpful… is it possible to set the middle man app to ‘run as administrator’ via a registry entry?
Wayne, I am eagerly trying to open your file, but it’s telling me there’s a missing file - P:\MyLibs\WindowsUAC.rbo
Maybe I don’t have understood correctly your question.
The function CredUICmdLinePromptForCredentials() may help you?
http://msdn.microsoft.com/en-us/library/windows/desktop/aa375171(v=vs.85).aspx
[quote=65541:@Andrew Dempsey]Ok, that’s very helpful… is it possible to set the middle man app to ‘run as administrator’ via a registry entry?
Wayne, I am eagerly trying to open your file, but it’s telling me there’s a missing file - P:\MyLibs\WindowsUAC.rbo[/quote]
After building the application on the development system, set it to run as admin…transporting it to another system should retain the admin property.
http://windows.microsoft.com/en-us/windows/command-prompt-faq#1TC=windows-8
states that a permission of a lower elevated process cannot elevate once initialized.
quote=65551:@Maurizio Rossi]Maybe I don’t have understood correctly your question.
The function CredUICmdLinePromptForCredentials() may help you?
http://msdn.microsoft.com/en-us/library/windows/desktop/aa375171(v=vs.85).aspx[/quote]
Will only work if the initial process is elevated, and this is to assume another users permissions.
You can get P:\MyLibs\WindowsUAC.rbo here.