This blog is about needing to use Powershell to RunAs admin on an Endpoint Manager device.

When you use the security baselines in Microsoft Intune for Windows 10, this message is familiar:

Endpoint Manager RunAs Admin - blocked message

This message will pop-up when you try run Powershell as admin:

Endpoint Manager RunAs Admin - example

Solution

The solution is quite simple. Follow these steps to start Powershell as Admin:

Firstly, search for Powershell in the start menu and select the option “open file location”:

Endpoint Manager RunAs Admin - open file location

After that, you need to use the following key combination in order to see the option below. Hold CTRL + SHIFT and right click on the shortcut. This option is added to the menu:

You now need to enter the credentials of the user which is going to run Powershell. This user must have local admin permissions on the device, otherwise this will not work. Furthermore, when you use a local account. You need make sure you put “.\” in front of the username. In the example I use a local account to clearify this.

Enter credentials:

After that, Powershell will start. Doublecheck by using the command “whoami” to verify whether the proper account is running Powershell.

We now have Powershell running as the local admin user but the Powershell session is not elevated. We can elevate the session by using the following command:

Start-Process Powershell -Verb RunAs

And now your Powershell session is elevated.

After that, you can modify (almost) anything on the device. That is how you RunAs admin on an Endpoint Manager device.

Handy commands:

compmgmt.msc –> open Computer Management
services.msc –> open Services
ncpa.cpl –> open Network Adapters
appwiz.cpl –> open Programs & Features
control –> open Control Panel

References

More information about security baselines:
Security baselines

Other Posts:
Endpoint Manager Packaging Script

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *