Device manager access for non admins
Try this im Curious.
If it does not work let me know I dont have a non admin account at my work desk.
Open a Text file and save the code below as DeviceManger.bat
@echo off
:: BatchGotAdmin
:-------------------------------------
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
set params = %*:"=""
echo UAC.ShellExecute "cmd.exe", "/c %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
del "%temp%\getadmin.vbs"
exit /B
:gotAdmin
pushd "%CD%"
CD /D "%~dp0"
:--------------------------------------
cls
echo.
echo Start as admin:
echo /------------------\
echo # 1. Device Manager#
echo \------------------/
echo.
set /p run=
if %run%==1 (
set run="devmgmt"
)
%run%
Run the .bat and press 1 and hit Enter.
Related videos on Youtube
jonboy
Updated on September 18, 2022Comments
-
jonboy about 1 year
Windows 7, 64bit.
Is it possible to allow non admins access to edit the device manager?
Currently when logged in as a non admin and I try to access the device manager I see the following;
I have tried to make the changes in gredit.msc but they don't seem to make any difference.
local computer policy > computer configuration > windows settings > security settings > local policies > user rights assignment > Load and unload device drivers > add specific user/group
The only thing that works is by adding my non admin user into the admin user group, this works fine. I'd rather not do this though, I'd prefer to give them access to the device manager only.
Any advice is appreciated.
-
Ramhound almost 8 yearsChanging the local group policy will have zero effect if the machine is connected to a domain. Is that the case? I currently have access to the device manager, and I am logged into a domain controlled machine, as a normal user. So is it possible: YES
-
jonboy almost 8 yearsIt's connected to an AD domain yes. However I have full admin control over the PC
-
Ramhound almost 8 yearsYou are a local user. You being a local Administrator on the machine means nothing if you are a normal user on the domain itself. A group domain policy overrides a local group policy always. Relevant Microsoft Documentation
-
jonboy almost 8 yearsSo is there any way I can resolve my issue?
-
Ramhound almost 8 yearsAs a non-administrator domain user, no, request your role be changed to an administrator
-
jonboy almost 8 yearsI don't think it's related to the AD domain. If I unplug the network cable and login as the same users it will be the same result? Perhaps I'm confused
-
-
jonboy almost 8 yearsThanks @NetworkKingPin - I'm very keen to try this! Can you tell me what this does? Before I mess up my PC completely lol
-
NetworkKingPin almost 8 yearsBasically it Pushes you to get admin privileges if you do not have them already. The code is safe i use it very often to elevate my batch scripts in my work place. First it tries to get admin access if denied it provides it temp Admin Access. And it wont kill your pc.
-
Ramhound almost 8 yearsThere is nothing in that script that would change the user group of a user