cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Jspeer1
Helper II
Helper II

Run Desktop Flow as Admin? (third attempt)

This is my third post on this topic and no answer to this day.

 

I have built a flow out at least 7 different ways and it will not work.

 

I am a domain user on a domain PC.

I have local administrator rights.

Powershell ISE is set to open as an admin.

UAC is disabled.

Power Automate Desktop app is set to open as admin.

 

All I need is to have the ability to run a script that will add a domain user to a remote computer's local admin group.

I have 4 lines of PowerShell that get that done but there is no way to do it as Flow runs Powershell as a mortal user.

I have tried the following workarounds:

 

1. Launch Powershell ISE and copy paste the code using the Flow Desktop App. Fails since now ISE is running as admin.

2. Luanch a cmd session that calls on my PS1 script as admin. Can't do it.

3. Launch a bat file that calls my PS1 script as admin. Can't interact with the UI now because again, it's running as an admin.

4. Manually map the mouse to launch the PS1 script shortcut as admin. Same thing.

 

I need 4 lines of code executed. I can execute the code perfectly fine but Flow won't do it for me?

 

PS: I have to run this code a couple hundred times and the rest of my Flow itself automates the receiving the requests, parsing out asset tags and usernames and storing all that into variables so even though it simple I've literally automated it all.

1 ACCEPTED SOLUTION

Accepted Solutions
miketran13
Solution Specialist
Solution Specialist

Hi, 

I got your problems. This is what I have not tried yet but please try if you think it is possible.

 

Since you can't interact with the PowerShell script run as administrator, so you should try another way. First, you can write your params to a CSV / Text / Xml file in PAD. Then from your PowerShell script you will need to read the params from this file. When you finished with your PowerShell steps, you should write a status to a new file. Then from your PAD step, you can wait for that file is created and to finish your steps in PAD.

Untitled.png

Untitled1.png

 

That was my thoughts. I'm not sure it is applicable for you or not. But it worth a try I think 🙂 

 

Thanks and hope it can help you. 

Mike

---------------------------------

Did I answer your question? Please consider to Mark my post as a solution! to guide others

View solution in original post

9 REPLIES 9
miketran13
Solution Specialist
Solution Specialist

Hi there,

 

It's a tricky thing. Have you tried this yet? Ensure the PowerShell script itself can run as administrator. 

 

You can add this at the beginning of your powershell script. 

 

 

if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit }

 

 

Thanks and hope it can help you. 

Mike

---------------------------------

Did I answer your question? Please consider to Mark my post as a solution! to guide others

Hi,

 

Thanks for the tip. I did try this. 

What happens is no matter what you do or how you do it, if you have a process or UI that is now running as an elevated user, Flow will not interact with it. I can confirm because I can have 2 windows side by side, one normal and the other elevated and the elevated one gets completely ignored even by UI selector.

 

You try and send a mouse click on the elevated UI and it will fail.

 

But thanks for the input:) 

miketran13
Solution Specialist
Solution Specialist

Hi 

 

I see your problem and What I mean is that, you just need to make your PowerShell script you need to be run as an Administrator and you don't need to interact with it. Since, you can't interact with the PowerShell while running as an administrator so that you have to use another way to verify the status by creating a log file in the PowerShell script. So, your PowerShell script will be run as an administrator without interaction and it will write the status to a text file or csv file or whatever. 

Then your flow needs to wait for that file with the status. So, you just need to call your PowerShell script (with the elevated code inside) from Power Automate Desktop.

 

Screenshot 2021-01-27 060953.png

 

Thanks and hope it can help you. 

Mike

---------------------------------

Did I answer your question? Please consider to Mark my post as a solution! to guide others

Jspeer1
Helper II
Helper II

@miketran13 

 

Thanks for getting back to me.

So I did just that.

 

I saved me PS1 script with the code snippet you posted earlier and ran Desktop Flow. It will run the PS1 as an administrator.

 

How do I go about:

1. Getting the output to then use as conditions in Flow?

2. I do need my 2 variables from Flow to be inputted or rather written to the PS1 script itself. I now cannot input anything if I do read-host as Flow will not interact with the UI as it's running as admin, but my script for sure needs two variables which are obtained by my previous steps in flow.

 

Here is a visual representation of my PS1:

ps11.PNG

 

I need $UserName and $ComputerName to be "filled out" with variables my flow currently already gathers and stores. Maybe have a way where my Desktop Flow can "write" to the PS1 to store the Variables before it executes the script?

 

 

Thanks again, this is further than I've ever gotten.

miketran13
Solution Specialist
Solution Specialist

Hi, 

I got your problems. This is what I have not tried yet but please try if you think it is possible.

 

Since you can't interact with the PowerShell script run as administrator, so you should try another way. First, you can write your params to a CSV / Text / Xml file in PAD. Then from your PowerShell script you will need to read the params from this file. When you finished with your PowerShell steps, you should write a status to a new file. Then from your PAD step, you can wait for that file is created and to finish your steps in PAD.

Untitled.png

Untitled1.png

 

That was my thoughts. I'm not sure it is applicable for you or not. But it worth a try I think 🙂 

 

Thanks and hope it can help you. 

Mike

---------------------------------

Did I answer your question? Please consider to Mark my post as a solution! to guide others

Thank you! I was finally able to put it all together. I ended up storing the two variables in a text file and them my main PS script called those variables with Get-Content. Works like a charm.

 

if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit }

Thanks for this, it seems to be a life-saver to me. However I have the exact same PS1 file on two Windows 10 machines, one machine executes this line without asking any question, but on the other machine when this line is executed the UAC asks the PowerShell to open as Administrator which stops the PAD from executing the PS1 file entirely.


mohammadtaha_0-1632992192337.png

 

What might be causing this?

I don't know what is causing it, but you can put a workaround.  I've done something similar where I loop looking for two images.  1 image (the interruption like this) performs an action, in this case Send Keys {Tab}{Enter}.

 

The other image (the right one) exits the loop and continues the flow.  So it looks like this:


  • Loop starting at 1 to index 9999
    • If %interruption_image% exists
      • Send Keys {Tab}{Enter}
      • Exit Loop
    • End IF
    • If %success_image% exists
      • Exit Loop
    • End IF
  • End Loop
  • Continue Process

Best of Luck!

 

Hi @Jspeer1 and @miketran13 , If I understand this thread correctly, I have the same issue what you faced as below. 

 

I have to run my PAD flow ( in unattended\attended mode ) using local administrator privileges, because with normal user , I can't be able to interact my UI elements and automation is not recognizing the UI elements with in the application. UAC has to be disabled otherwise it is interrupting for automation. 

 

could you please give me a clue , how can I call this PAD flow from Cloud flow and run it with PAD administrator ?

 

 

Helpful resources

Announcements
Register for a Free Workshop.png

Register for a Free Workshop

Learn to digitize and optimize business processes and connect all your applications to share data in real time.

September Events 2022

Check out all of these events

Attend in person or online, there are incredible conferences and events happening all throughout the month of September.

Top Kudoed Authors
Users online (1,907)