From Newsgroup: alt.msdos.batch

On Tue, 22 Oct 2024 01:46:04 -0400, Paul wrote:

On Mon, 21 Oct 2024 21:31:03 -0400, Mickey D wrote:

As you said, any command will be elevated with this method, but I was
specifically talking about the command prompt which comes up when you enter >>> "windows + r" and "control + shift + enter" & then "cmd" into the Run box. >>

Just to be super clear about the sequence, any command will be elevated
with this method, but I was specifically talking about the command prompt
which comes up when you enter "windows + r" and "control + shift + enter"
with "cmd" into the Run box as shown super clearly obviously in the below. >>
1. Windows + r
2. cmd
3. Control + shift + enter
4. Yes to the UAC prompt

All I want to do is figure out a way for #4 to not happen.
Any ideas?

(Other than turning off UAC for all commands - which is not a good idea.)

Well, that's what works, is turning off UAC entirely.

*******

There is a second way to run the OS.

1) Enable the "real administrator" account.
Now, there is a home directory for the Administrator.

2) Start : Run : dropmyrights.exe cmd.exe

That is an example, of starting the Command Prompt window
in an unelevated state. The "dropmyrights" executable
as far as I know, is third party. I have a couple other utilities
of this sort, which are also third party, and are useful for weird
stuff like that. Todd is the one who posted about this.

So that's "running upside-down" in a sense. You are always elevated,
except when you specifically want to de-elevate yourself. As an IT
guy, Todd likes this when doing a series of maintenance commands for
a customer. When most of the commands need the elevation, and
only the occasional one needs "dropmyrights.exe" placed in front of it.

*******

Windows has had a "sudo" command added. However,
this is likely to be a half-assed job and the UAC prompt
is *still* going to come up. Whether that is in 24H2 only,
or is available as a Feature before 24H2, I don't know.
Personally, I am not placing bets on this feature being
worth my time.

In Linux, after you authenticate on the first instance of
"sudo" usage, the token is kept for around ten minutes or so.
This means if you enter "sudo notepad.exe" a second time,
you would not be asked for authentication again. However,
the Windows design intent, is to always present the UAC prompt,
even if doing identical things in a row:

sudo notepad.exe UAC prompt, proceed with what you were doing
sudo notepad.exe UAC prompt, proceed with what you were doing
sudo notepad.exe UAC prompt, proceed with what you were doing

Because again, the idea is not to refine the presentation of UAC and
make it a minimalist thing. The intention is belt-and-suspenders,
to make sure the user really intended to do this. Even if to any
casual observer, there's no point in doing the second and third one.

Some day, I'm going to get to see this new "sudo" feature... Maybe
I should fire up the Insider and repair it.

https://learn.microsoft.com/en-us/windows/sudo/

"Because sudo elevates the targeted process to run
with administrator-level permission, a prompt will
open asking you to verify that you want to continue." <=== Bwahahaha!!! No shit!

Thanks for your advice and helpful assistance in streamlining Windows.
I figured out how to bring up an admin command prompt window without UAC.

At the same time, I streamlined step #3 from 3 keys to only 1 keystroke.
Plus I was able to colourize the admin command window to make it obvious.

BEFORE:
1. Windows + r
2. cmd
3. control + shift + enter
4. Yes to UAC
5. This opens an administrator command prompt window

AFTER:
1. Windows + r
2. admin
3. enter
4. This opens (a red) administrator command prompt window

I set it to invoke a red administrator command window with white letters.
The reason for those colors is to distinguish between regular cmd windows.

All I needed was to make a shortcut that pointed to the task scheduler.
In taskschd.msc I checked "Run with highest privileges" to skip the UAC.

Then I added this program to be run when the shortcut calls taskshd.msc.
cmd /k "cd /d "C:\Windows\System32" & echo admin: & color 4f"

Clicking the shortcut opens up a red admin cmd window without invoking UAC. Then I needed a quick way to invoke that shortcut from the Windows Run box.

So I added an "admin" command in the registry to invoke that shortcut. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\admin.exe
(where admin.exe points to the admin shortcut invoking the admin task).

With streamlining, I was able to skip not only UAC but multiple keystrokes. Success at last!
--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: alt.msdos.batch

On Tue, 22 Oct 2024 06:47:19 +0100, Andy Burns wrote:

a "User Account Control" prompt asks me "Do you want to allow
this app to make changes to your device?"

Not here ...

Instead of
1. Windows + r
2. cmd
3. control + shift + enter
4. Yes to UAC
5. This opens an administrator command prompt window

The three Windows tricks below reduce those steps to about half.
1. Windows + r
2. admin
3. enter
4. This opens (a red) administrator command prompt window

Here's exactly how to set it up so that it works perfectly on any PC.

1. Create a new task by typing "taskschd.msc" in the Windows Run box.
Name = admin
[x]Run with highest privileges
Action = Start a program = %comspec%
Arguments = /k "cd /D "C:\Windows\System32" & echo admin: & color 4f"

2. Point to that new task using a Windows shortcut placed anywhere.
Name = admin.lnk
Target = C:\Windows\System32\schtasks.exe /run /TN "admin"
Start in = %windir%\system32
Comment = %comspec% /k "cd /D "C:\Windows\System32" & echo admin: & color 4f"

When you test this shortcut, it should bring up a red admin command
window (without popping up a UAC request for you to press Yes to).

3. Create a Windows Run box command in the Windows system registry.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\
Rightclick on "App Paths" to create a "New key" named "admin.exe"
String Value Data = C:\wherever-you-put-the-shortcut\admin.lnk

Now when you want to enter an admin command prompt, you can just type
"admin" + "enter" into the Run box which is pinned to your taskbar.

If you can make it even fewer steps, please let me know how (as that's the
most efficient way to bring up an admin window I can think of for now).
--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: alt.msdos.batch

On Tue, 22 Oct 2024 20:06:36 -0400, ...winston wrote:

a "User Account Control" prompt asks me "Do you want to allow
this app to make changes to your device?"

Not here ...

Instead of
1. Windows + r
2. cmd
3. control + shift + enter
4. Yes to UAC
5. This opens an administrator command prompt window

The three Windows tricks below reduce those steps to about half.
1. Windows + r
2. admin
3. enter
4. This opens (a red) administrator command prompt window

Here's exactly how to set it up so that it works perfectly on any PC.

1. Create a new task by typing "taskschd.msc" in the Windows Run box.
Name = admin
[x]Run with highest privileges
Action = Start a program = %comspec%
Arguments = /k "cd /D "C:\Windows\System32" & echo admin: & color 4f"

2. Point to that new task using a Windows shortcut placed anywhere.
Name = admin.lnk
Target = C:\Windows\System32\schtasks.exe /run /TN "admin"
Start in = %windir%\system32
Comment = %comspec% /k "cd /D "C:\Windows\System32" & echo admin: & color 4f"

When you test this shortcut, it should bring up a red admin command
window (without popping up a UAC request for you to press Yes to).

3. Create a Windows Run box command in the Windows system registry.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\
Rightclick on "App Paths" to create a "New key" named "admin.exe"
String Value Data = C:\wherever-you-put-the-shortcut\admin.lnk

Now when you want to enter an admin command prompt, you can just type
"admin" + "enter" into the Run box which is pinned to your taskbar.

If you can make it even fewer steps, please let me know how (as that's the >> most efficient way to bring up an admin window I can think of for now).

You first asked how to avoid the UAC prompt.
Now you're trying to educate folks on how to use their devices for
something only you might use/need?

Open Command.com in two steps.
Change the shortcut properites for command.com to an admin level shortcut. Place a copy of the shortcut on your desktop.

Click the shortcut, click yes. <= two steps

That works, where I describe the sequence below for others to use also.

1. Find the location of the command you wish to make a shortcut for
C:\> where cmd.exe => C:\Windows\System32\cmd.exe
2. Create a shortcut to that desired executable
3. Change that shortcut's properties to be an admin-level shortcut
Rightclick > Shortcut tab > Advanced button >
Then check the "Run as administrator" box > OK > OK
4. After testing, rightclick on that shortcut to pin to your taskbar.

The problem with this method is that you have only so much real estate on
your task bar and on your desktop where the method I outlined uses none.

Also, you STILL have to accept the UAC prompt, which negates it as a
solution if we stick to what the original question had initially asked.

But - you made me think of a possible way to create a directory of
shortcuts to any executable that you wish to graphically tap to invoke.

Initial (messy) PSEUDOCODE below to create the shortcuts you want.

REM I can't get the syntax to get the next two lines to work:
REM set /P USER_INPUT = "What command do you want to make a shortcut to?"
REM where %USER_INPUT% > whereisit.txt
REM set /P TARGET=<whereisit.txt
REM So I punt on syntax and just set the target manually. (sigh)

set TARGET='c:\Windows\System32\cmd.exe'
set SHORTCUT='c:\TEMP\command.lnk'
set PWS=powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile
%PWS% -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut(%SHORTCUT%); $S.TargetPath = %TARGET%; $S.Save()"

That creates a shortcut to any command that the "where" command finds.
But I need syntax help for it to create shortcuts to ANY command you like.

--- https://superuser.com/questions/651352/set-environment-variable-to-output-of-command-in-windows-command-prompt
--- Synchronet 3.21d-Linux NewsLink 1.2