How to run a process as non-admin from an elevated PowerShell console?

windows powershell elevated-privileges start-process
orad picture orad · Apr 10, 2015 · Viewed 8.9k times · Source

Maybe there is a way to do it with Start-Process cmdlet that I cannot find? The other related Q/A's I found on StackOverflow such as this, this and this all give a solution to do this with a custom C# code. My question is specifically, is there any straightforward way to do this in PowerShell? i.e. you are in an elevated PS console and want to run a process as non-admin.

Answer

Mathias R. Jessen picture Mathias R. Jessen · Apr 10, 2015

You can specify the TrustLevel with runas.exe, effectively running "restricted"

runas /trustlevel:0x20000 "powershell.exe -command 'whoami /groups |clip'"

You should see in the output from whoami that the Administrators group in your token is marked as "Used for Deny only"

enter image description here

Related questions

How to run a PowerShell script

How do I run a PowerShell script? I have a script named myscript.ps1 I have all the necessary frameworks installed I set that execution policy thing I have followed the instructions on this MSDN help page and am trying …

Read More
How to run a PowerShell script from a batch file

I am trying to run this script in PowerShell. I have saved the below script as ps.ps1 on my desktop. $query = "SELECT * FROM Win32_DeviceChangeEvent WHERE EventType = 2" Register-WMIEvent -Query $query -Action { invoke-item "C:\Program Files\abc.exe"} I have …

Read More
Setting Windows PowerShell environment variables

I have found out that setting the PATH environment variable affects only the old command prompt. PowerShell seems to have different environment settings. How do I change the environment variables for PowerShell (v1)? Note: I want to make my changes …

Read More