So I am hoping that a Standard User that does not have admin rights will be able to run the batch file with elevate rights and UAC to be bypassed?
The OS is Windows 8.1 64bit, UAC is turn on.
1 Comment   [ + ] Show Comment


  • I for the great shame have done something like this, I am not proud of it.

    but, essentially you are using an MSI to intall a shortcut to run a batch file...
    and the batch file removes a prev MSI install, then installs a new MSI. Is that correct
Please log in to comment

Community Chosen Answer

1. An ability for ordinary users to run programs with elevated privileges and bypass UAC would be a monumental hole in Windows' security.

2. Your script doesn't check that the uninstall completed successfully before blundering on to the installation.

3. Most MSIs will be authored to automatically upgrade an app - presumably these are related apps? - with no need to explicitly uninstall previous versions.

4. You should add verbose logging to your command line, or trouble-shooting issues will be pretty much guesswork.

5. If you're deploying via any sort of purpose built system, it will most likely be using the local System account, so there's no need for elevation.
Answered 12/11/2015 by: VBScab
Red Belt

  • Regarding point 3, if it's a vendor MSI, you can only hope and test. If it's been repackaged, the chances are that it has not been authored to be updated, ergo de-install old / install new via Client Management tool and any user interaction via that tool...
Please log in to comment


Can't be done, that's whole point of a standard user and UAC.
Welcome to (semi) proper security!

Does the batch file really need elevation? Might be able to complete this as standard user, but I would need to know what you are trying to achieve.
Answered 12/10/2015 by: rileyz
Red Belt

  • Hi I have been asked to create a batch file that will uninstall an application wait 5 seconds and the install the applications.. It is a problematic application and so we wanted to give the Users the ability to do this themselves. The Shortcut is just called "appname Reset"

    Command lines are:
    msiexec /x {C9CE2055-FD42-403F-B478-2E633BE1C9A6} /QN
    TIMEOUT 5 /nobreak
    msiexec /i "Client.msi" TRANSFORMS="Client.mst" /QN
    • What deployment tool do you use, assuming you have a managed estate.
Please log in to comment
you can use autoit and create an exe that will call the batch file from an elevated prompt.  Or you can just take your batch file lines and make them part of the autoit script then convert that to an exe
Answered 12/10/2015 by: SMal.tmcc
Red Belt

Please log in to comment

I agree with RileyZ, technically, 'it cant be done'. A std user is, by definition, a std user.

BUT, you can with some tools do things so when a std users is logged in you can run something, like the above. But you would have to do a runas and input the  credentials (user name AND Password) of an admin user.

I have done it with vbs (then encrypted it) also with the autoit approach. These are both very bad options. I also get the feeling you are going to say, the builds are different, so you wont be able to say for sure what the password is for a local amdin user.


Good luck.

Answered 12/12/2015 by: Badger
Red Belt

Please log in to comment
Answer this question or Comment on this question for clarity
Admin Script Editor
Admin Script Editor is an integrated scripting environment available free here at ITNinja