Elevate Powershell scripts

The task is more like setuid than sudo ... and thankfully, setuid is possible: you can simply create a scheduled task (without a set schedule), and set it to run elevated. Then, give your users rights to execute that task. I outlined the process in a blog post awhile ago along with a PowerShell script to help create the tasks and shortcuts to run them.

The problem (as JaredPar suggested) is that you have to make sure that the apps which you have scheduled to run elevated or "as administrator" are protected, and this is especially true if you will run a script. Make sure noone but the administrator(s) can edit or replace that script, or you're giving away the proverbial keys to the kingdom.

if you are using V2, you can use the following which is up on the PowerShell Team Blog

Start-Process "$psHome\powershell.exe" -Verb Runas -ArgumentList '-command "Get-Process"'

This would run "Get-Process" as administrator.

If you don't have V2, you could create a StartInfo object and set the Verb to Runas like this.

function Start-Proc  {        param ([string]$exe = $(Throw "An executable must be specified"),[string]$arguments)            # Build Startinfo and set options according to parameters       $startinfo = new-object System.Diagnostics.ProcessStartInfo        $startinfo.FileName = $exe       $startinfo.Arguments = $arguments       $startinfo.verb = "RunAs"       $process = [System.Diagnostics.Process]::Start($startinfo)  }

I have a blog post that talks a bit more about using a System.Diagnostics.ProcessStartInfo object.

The Powershell Community Extensions include a cmdlet for this, alias 'su'. http://www.codeplex.com/Pscx