Run process as standard user but with elevated rights

Assuming there are two accounts in my system - one administrator and and the other a standard user (Windows 10).

I want to start a process with elevated rights from my standard user account. And when i see in the task manager, i want the process to be running under the standard user account but with elevation.

As in, the user column in the task manager should show the process being run in standard user account but the elevation column should show it is elevated.

If I got you right - that’s impossible. You have to be administrator to be able to run elevated processes.

Yeah I thought so too. But I heard that an endpoint security company (forgot the name) actually implemented this.

So was just curious as to how they might have done this.

In the end something need to elevate the process, which requires admin rights or using some sort of exploit.

But if your account have admin rights then the process will be show under your account with the “Elevated” flag set if you e.g. select ‘Run As Administrator’ on a program.
So it sounds like thats what they are doing, not elevating a process with an account that can’t elevate it.
Unless they launch processes with an already elevated process but in that case it would be under that first elevated process account that actually runs the new process.

coming from a linux/unix environment it seems that there is no equivalent to the root user in windows, admin is more of a sudo operation and the windows system account is not associated with a user login

On any standard Windows client system you have a local administrator … what’s the equivalent to root on linux.

agree in a sense. the same but different in certain ways. ubuntu admin is a good example. most owners of an ubuntu system never acctually use the root account, just as windows users would never actually use the system account. the difference being that one is possible and one is not

There is a distinct difference between local administrator and local system account on a Windows system. The local administrator account is (kind of) made to be used by a user to do administrative tasks on the system - the local system account is not. It’s there to run system task and services under the hood in the system.

What is the actual problem you like to solve? Is it script related?

i agree with Olaf. i digress on philosophy when i should be addressing the question :slight_smile:

Compared with ‘sudo’ the whole UAC-thing is pretty clunky, on the other it was an “after thought”.
But the process is kind of similar.
To compare the process to sudo it would be the “Run As Administrator” feature in either the GUI or commandline.
Your account would need to be a member of the local “administrators” group to use that feature (I guess somewhat equal to sudoers).

Only by logging into the local administrator account you would get the automatic elevation (same as root)