Greg Shultz shows you how to create a task in Task Scheduler that will launch an application with the highest available privileges in Microsoft Windows Vista, and then he shows you how to create a shortcut to run that app anytime you want.
Back in February of this year, I wrote an article titled "Make Vista launch UAC restricted programs at startup with Task Scheduler" in which I showed you how to use Task Scheduler to make Vista run UAC restricted programs at startup. The secret to this technique is that Task Scheduler allows you to configure tasks to run at start up and to run with the highest available privileges, thus bypassing the UAC.
While this is a great workaround to the UAC problem, it originally occurred to me that this technique would only be good for running UAC restricted programs at startup. However, I recently discovered that this technique can be used to launch UAC restricted programs at any time with a specially constructed shortcut.
I show you how to create a task in Task Scheduler that will launch a task with the highest available privileges, and then l show you how to create a shortcut to run the task anytime that you want.
This blog entry is also available in the PDF format as an entry in the TechRepublic Microsoft Windows blog.
Creating the taskLet's suppose that the program that you want to be able to run without first encountering a UAC is Device Manager. To make Device Manager run from Task Scheduler, you must be logged on to the Vista system with an account that has Administrative privileges. To begin, click the Start button, type Task Scheduler in the Start Search box, and press [Enter]. In a moment, you'll see a UAC and when you respond appropriately, you'll see the Task Scheduler window as shown in Figure A.
Once Task Scheduler is up and running, you can create a new task for your UAC restricted program.In order to create a task to run Device Manager you'll begin by clicking the Create Task item in the Actions panel. When the Create Task dialog box appears, you'll assign the task a name in the Name box and type a description in the Description box if you want, as shown in Figure B.
Make sure that you select the Run With Highest Privileges check box.
At the top of the Security Options panel, you should see your administrative user account, which, as you can see, is the account that Task Manager will use to run the task. Next, select the Run With Highest Privileges check box and leave all the other settings in the default configuration.Select the Actions tab and then click the New button. When you see the New Action dialog box, click the Browse button and locate the Device Manager's MSC file, as shown in Figure C. Leave all the other settings in the default configuration and click OK.
Use the Browse button to locate and select the program that you want to automatically run when you log on.When you return to the Create Task dialog box, select the Settings tab and make sure that the Allow Task To Be Run On Demand check box is selected. Also make sure that the If The Task Is Already Running, Then The Following Rule Applies drop down is set to Do Not Start A New Instance, as shown in Figure D.
Make sure that the Allow Task To Be Run On Demand check box is selected on the Setting tab.
To complete the operation, click OK to close the Create Task dialog box and then close Task Scheduler.
Creating the shortcut
Since you configured Task Scheduler to launch your UAC restricted program using the Run With Highest Privileges setting, the UAC is essentially bypassed. No all you have to do is create a specially configured shortcut to launch the task.
Right-click on the desktop and select New | Shortcut from the context menu to access the Create Shortcut wizard. Type:
schtasks /run /TN "Launch Device Manager"in the Type The Location Of The Item text box, as shown in Figure E. Take note that this command line uses the exact same name of the scheduled task that you created earlier. Then, click Next.
Make sure that you enclose the scheduled task name in double quotes.
Type Launch Device Manager in the Type A Name For This Shortcut text box and click Finish.
You can now launch Device manager at any time without having to deal with a UAC prompt. To see for yourself, just double-click the shortcut to make sure that is works correctly. You can drag the shortcut over to the Start menu or the Quick Launch toolbar.