UAC: How to elevate anything

Before reading this article, I need you to know a little something about UAC. At the minimum you should read my article Let's Talk UAC for the Enterprise. To get a little deeper into the subject, consider reading some detailed articles found here: UAC: An introduction to User Account Control.

After educating yourself on Vista's UAC, you should be aware that there are a great many things that cause elevation of applications:

• Vista can autodetect that an installation program should be run elevated.
• Vista knows that certain programs like GPMC should be run with the highest available token.
  
• An application's manifest can specify that an elevated token should be used.
• An administrator can specify in the properties of a file that an executable must run with an administrator token.
• A user can right-click on an executable and specify that it be "Run as Administrator".
• ...
  

But what do you do if the thing you need to elevate isn't an application? It seems to me that Microsoft hasn't really accommodated this possibility when designing Vista - but it needs to happen more often than you think. The most common example would be a script that needs to make system changes. What if you have a Visual Basic Script (.VBS, .VBA, .HTA, etc.)?

Not only can the script not have a manifest specifying an elevated token, but there is no obvious way to request elevation. You cannot specify it in the properties of these files since they are not executables. You cannot even right-click and specify that it be "Run as Administrator".

It turns out that there are a number of approaches to this problem (none of which are obvious). All the approaches rely on a basic pair of principles. Vista can only elevate executables (by initiating a new process) AND any processes launched by an elevated process will also be elevated. Each approach may look radically different, but it always boils down to exploiting these principles.

The approaches to elevating non-executables are as follows:

• Elevate a command prompt (CMD) and launch anything needing elevation from there.
• Elevate an instance of Windows Explorer so that anything you launch with it is also elevated.
• Add Run As Administrator to the context menu for additional file types by modifying the registry.
• Find the associated application and run it elevated, then open the required file.
• Create a launcher script that opens the required file with elevation specified.
  

Elevating a command prompt (CMD) is by far the easiest and most common method for elevating scripts. You'd laugh if you walked through the offices of our technical staff. They all sit there with this pretty Vista OS but the only thing you see is these black CMD windows because it is the only practical way for them to work.

I will write an article on each of the approaches and turn the bullets into links as they are written. But hopefully I've given you some useful hints in the mean time if you can't wait for me :-)