header image

Elevating now

Posted by: | March 4, 2010 | 1 Comment |

Running Windows 7 with UAC turned on I get an error when trying to access the security log

PS> Get-EventLog -LogName Security
Get-EventLog : Requested registry access is not allowed.
At line:1 char:13
+ Get-EventLog <<<<  -LogName Security
    + CategoryInfo          : NotSpecified: (:) [Get-EventLog], SecurityException
    + FullyQualifiedErrorId : System.Security.SecurityException,Microsoft.PowerShell.Commands.GetEventLogCommand


OK – not a surprise because I was expecting it. 

Remember I mentioned the psusertools module in the PowerShell pack had a command to test if you are running with elevated privileges

PS> Test-IsAdministrator


Now we know how to test we can load the PowerShell Comunity Extensions v2 beta and find a function called Invoke-Elevated.  Put the two together and we get

if (!(Test-IsAdministrator)){Invoke-Elevated {Get-EventLog -LogName Security -Newest 5}}

The UAC prompt will appear – click yes – and another PowerShell window will appear with your answers.

We could extend this idea to put the invoke-elevated so all we did was pass in a string with the command.   Consider that your homework for tonight.  🙂

Technorati Tags: ,,
under: PowerShellV2

1 Comment

  1. By: Felipe on June 11, 2012 at 9:57 am      

    Any suggestions when you would have 200 doamin controllers and about 30,000 users? We frequently have users that get randomly locked out and it is not always the closest DC to them because they RDP into other locations or use apps that are hosted somewhere else.