This blog is about needing to use Powershell to RunAs admin on an Endpoint Manager device.
When you use the security baselines in Microsoft Intune for Windows 10, this message is familiar:
This message will pop-up when you try run Powershell as admin:
The solution is quite simple. Follow these steps to start Powershell as Admin:
Firstly, search for Powershell in the start menu and select the option “open file location”:
After that, you need to use the following key combination in order to see the option below. Hold CTRL + SHIFT and right click on the shortcut. This option is added to the menu:
You now need to enter the credentials of the user which is going to run Powershell. This user must have local admin permissions on the device, otherwise this will not work. Furthermore, when you use a local account. You need make sure you put “.\” in front of the username. In the example I use a local account to clearify this.
After that, Powershell will start. Doublecheck by using the command “whoami” to verify whether the proper account is running Powershell.
We now have Powershell running as the local admin user but the Powershell session is not elevated. We can elevate the session by using the following command:
Start-Process Powershell -Verb RunAs
And now your Powershell session is elevated.
After that, you can modify (almost) anything on the device. That is how you RunAs admin on an Endpoint Manager device.
compmgmt.msc –> open Computer Management
services.msc –> open Services
ncpa.cpl –> open Network Adapters
appwiz.cpl –> open Programs & Features
control –> open Control Panel
More information about security baselines:
Endpoint Manager Packaging Script
One thought on “Endpoint Manager RunAs Admin”
[…] you can pick Administrative Tools to elevate on your endpoint.Why do you need this?In a previous blog post, I explained how you can create an elevated PowerShell session on Endpoint Managed device. I got […]