运行具有“预先允许”管理员权限的程序 Windows

Question 1

有两种方法。

禁用 UAC。这是一种适用于整个系统的强力方法。从整体安全角度来看，这不是最佳选择。
使用另一个可执行文件启动应用程序，以启用默认情况下禁用的管理员权限。您可以创建自己的可执行文件，并使用类似 ProcessPrivileges 的工具来启用已禁用的权限，或者使用其他工具，例如 SysInternals 的 psexec。

值得一提的是，将 exe 作为计划任务运行并指定“以最高权限运行”可实现相同的目的，但您可能不希望仅限于将其作为计划任务运行。然而，对于系统管理员来说，这是一种有用的方法，可以根据每个应用程序提供此功能，并授予其他人运行计划任务的权限，这样他们就不需要过多的权限。

例如：

psexec.exe -h yourprogram.exe

或者您甚至可以作为本地系统运行该进程：

psexec.exe -s yourprogram.exe

或者以本地系统身份运行该进程，可以与桌面交互：

psexec.exe -s -i yourprogram.exe

更多信息：

PsExec v1.98 - Execute processes remotely
Copyright (C) 2001-2010 Mark Russinovich
Sysinternals - www.sysinternals.com

PsExec executes a program on a remote system, where remotely executed console
applications execute interactively.

Usage: psexec [\\computer[,computer2[,...] | @file]][-u user [-p psswd][-n s][-l][-s|-e][-x][-i [session]][-c [-f|-v]][-
w directory][-d][-<priority>][-a n,n,...] cmd [arguments]
     -a         Separate processors on which the application can run with
                commas where 1 is the lowest numbered CPU. For example,
                to run the application on CPU 2 and CPU 4, enter:
                "-a 2,4"
     -c         Copy the specified program to the remote system for
                execution. If you omit this option the application
                must be in the system path on the remote system.
     -d         Don't wait for process to terminate (non-interactive).
     -e         Does not load the specified account's profile.
     -f         Copy the specified program even if the file already
                exists on the remote system.
     -i         Run the program so that it interacts with the desktop of the
                specified session on the remote system. If no session is
                specified the process runs in the console session.
     -h         If the target system is Vista or higher, has the process
                run with the account's elevated token, if available.
     -l         Run process as limited user (strips the Administrators group
                and allows only privileges assigned to the Users group).
                On Windows Vista the process runs with Low Integrity.
     -n         Specifies timeout in seconds connecting to remote computers.
     -p         Specifies optional password for user name. If you omit this
                you will be prompted to enter a hidden password.
     -s         Run the remote process in the System account.
     -u         Specifies optional user name for login to remote
                computer.
     -v         Copy the specified file only if it has a higher version number
                or is newer on than the one on the remote system.
     -w         Set the working directory of the process (relative to
                remote computer).
     -x         Display the UI on the Winlogon secure desktop (local system
                only).
     -priority  Specifies -low, -belownormal, -abovenormal, -high or
                -realtime to run the process at a different priority. Use
                -background to run at low memory and I/O priority on Vista.
     computer   Direct PsExec to run the application on the remote
                computer or computers specified. If you omit the computer
                name PsExec runs the application on the local system,
                and if you specify a wildcard (\\*), PsExec runs the
                command on all computers in the current domain.
     @file      PsExec will execute the command on each of the computers listed
                in the file.
     program    Name of application to execute.
     arguments  Arguments to pass (note that file paths must be
                absolute paths on the target system).

You can enclose applications that have spaces in their name with
quotation marks e.g. psexec \\marklap "c:\long name app.exe".
Input is only passed to the remote system when you press the enter
key, and typing Ctrl-C terminates the remote process.

If you omit a user name the process will run in the context of your
account on the remote system, but will not have access to network
resources (because it is impersonating). Specify a valid user name
in the Domain\User syntax if the remote process requires access
to network resources or to run in a different account. Note that
the password is transmitted in clear text to the remote system.

Error codes returned by PsExec are specific to the applications you
execute, not PsExec.

Answer

有两种方法。

禁用 UAC。这是一种适用于整个系统的强力方法。从整体安全角度来看，这不是最佳选择。
使用另一个可执行文件启动应用程序，以启用默认情况下禁用的管理员权限。您可以创建自己的可执行文件，并使用类似 ProcessPrivileges 的工具来启用已禁用的权限，或者使用其他工具，例如 SysInternals 的 psexec。

值得一提的是，将 exe 作为计划任务运行并指定“以最高权限运行”可实现相同的目的，但您可能不希望仅限于将其作为计划任务运行。然而，对于系统管理员来说，这是一种有用的方法，可以根据每个应用程序提供此功能，并授予其他人运行计划任务的权限，这样他们就不需要过多的权限。

例如：

psexec.exe -h yourprogram.exe

或者您甚至可以作为本地系统运行该进程：

psexec.exe -s yourprogram.exe

或者以本地系统身份运行该进程，可以与桌面交互：

psexec.exe -s -i yourprogram.exe

更多信息：

PsExec v1.98 - Execute processes remotely
Copyright (C) 2001-2010 Mark Russinovich
Sysinternals - www.sysinternals.com

PsExec executes a program on a remote system, where remotely executed console
applications execute interactively.

Usage: psexec [\\computer[,computer2[,...] | @file]][-u user [-p psswd][-n s][-l][-s|-e][-x][-i [session]][-c [-f|-v]][-
w directory][-d][-<priority>][-a n,n,...] cmd [arguments]
     -a         Separate processors on which the application can run with
                commas where 1 is the lowest numbered CPU. For example,
                to run the application on CPU 2 and CPU 4, enter:
                "-a 2,4"
     -c         Copy the specified program to the remote system for
                execution. If you omit this option the application
                must be in the system path on the remote system.
     -d         Don't wait for process to terminate (non-interactive).
     -e         Does not load the specified account's profile.
     -f         Copy the specified program even if the file already
                exists on the remote system.
     -i         Run the program so that it interacts with the desktop of the
                specified session on the remote system. If no session is
                specified the process runs in the console session.
     -h         If the target system is Vista or higher, has the process
                run with the account's elevated token, if available.
     -l         Run process as limited user (strips the Administrators group
                and allows only privileges assigned to the Users group).
                On Windows Vista the process runs with Low Integrity.
     -n         Specifies timeout in seconds connecting to remote computers.
     -p         Specifies optional password for user name. If you omit this
                you will be prompted to enter a hidden password.
     -s         Run the remote process in the System account.
     -u         Specifies optional user name for login to remote
                computer.
     -v         Copy the specified file only if it has a higher version number
                or is newer on than the one on the remote system.
     -w         Set the working directory of the process (relative to
                remote computer).
     -x         Display the UI on the Winlogon secure desktop (local system
                only).
     -priority  Specifies -low, -belownormal, -abovenormal, -high or
                -realtime to run the process at a different priority. Use
                -background to run at low memory and I/O priority on Vista.
     computer   Direct PsExec to run the application on the remote
                computer or computers specified. If you omit the computer
                name PsExec runs the application on the local system,
                and if you specify a wildcard (\\*), PsExec runs the
                command on all computers in the current domain.
     @file      PsExec will execute the command on each of the computers listed
                in the file.
     program    Name of application to execute.
     arguments  Arguments to pass (note that file paths must be
                absolute paths on the target system).

You can enclose applications that have spaces in their name with
quotation marks e.g. psexec \\marklap "c:\long name app.exe".
Input is only passed to the remote system when you press the enter
key, and typing Ctrl-C terminates the remote process.

If you omit a user name the process will run in the context of your
account on the remote system, but will not have access to network
resources (because it is impersonating). Specify a valid user name
in the Domain\User syntax if the remote process requires access
to network resources or to run in a different account. Note that
the password is transmitted in clear text to the remote system.

Error codes returned by PsExec are specific to the applications you
execute, not PsExec.

Question 2

我有一个解决方案，但这取决于以下几点：

IT 人员的技术水平如何
如果你尝试运行的程序可以通过命令行调用

基本上，他们可以编译一个 exe 文件来调用您需要运行的程序，同时传递在提升模式下运行所需的凭据。.Net 可用于此目的，而且非常简单。由于 exe 文件是经过编译的（相对于脚本而言），因此用于运行 exe 的帐户凭据不是明文的。

Answer

我有一个解决方案，但这取决于以下几点：

IT 人员的技术水平如何
如果你尝试运行的程序可以通过命令行调用

基本上，他们可以编译一个 exe 文件来调用您需要运行的程序，同时传递在提升模式下运行所需的凭据。.Net 可用于此目的，而且非常简单。由于 exe 文件是经过编译的（相对于脚本而言），因此用于运行 exe 的帐户凭据不是明文的。

Question 3

不，你不能这样做。或者更准确地说，你不应该这样做。这个网站上的大多数人是IT 部门，因此他们并不热衷于讨论如何规避 IT 部门的法规和控制。您的 IT 部门不希望您拥有管理员权限，否则他们会把权限授予您。

尝试通过适当的渠道（例如，与管理员交谈）并向他们解释您需要管理员权限才能有效地完成工作。根据公司政策，他们可能无法授予您公司笔记本电脑的管理员权限，但他们可能会在实验室中为您提供虚拟机以供使用。

附言：如果我听起来脾气不好，请原谅。咖啡还没喝够。

Answer

不，你不能这样做。或者更准确地说，你不应该这样做。这个网站上的大多数人是IT 部门，因此他们并不热衷于讨论如何规避 IT 部门的法规和控制。您的 IT 部门不希望您拥有管理员权限，否则他们会把权限授予您。

尝试通过适当的渠道（例如，与管理员交谈）并向他们解释您需要管理员权限才能有效地完成工作。根据公司政策，他们可能无法授予您公司笔记本电脑的管理员权限，但他们可能会在实验室中为您提供虚拟机以供使用。

附言：如果我听起来脾气不好，请原谅。咖啡还没喝够。

运行具有“预先允许”管理员权限的程序 Windows

答案1

答案2

答案3

相关内容