starred/terminal
1
0
Fork 0
mirror of https://github.com/microsoft/terminal.git synced 2026-05-06 20:34:29 +00:00
Code Issues 19.0k Packages Projects Releases 20 Wiki Activity

Terminal can not run as administrator account in domain enviroment #5213

New Issue
Closed
opened 2026-01-31 00:07:41 +00:00 by claunia · 10 comments
claunia commented 2026-01-31 00:07:41 +00:00
Owner
Copy Link

Originally created by @tlsalex on GitHub (Nov 27, 2019).

Environment

Windows build number: Microsoft Windows [Version 10.0.18362.295
Windows Terminal version (if applicable):Windows Terminal (Preview) Version: 0.7.3291.0

Any other software? Ubuntu from microsoft store.

Steps to reproduce

Logon with windows system with a non domain admin account.
Find windows terminal shortcut , right click on it , choose run as administrator.
Input your local admin account or domain admin account when you get prompted.

Expected behavior

Terminal will start powershell with privileged rights, that means powershell will run under a privileged context, which can be used to managed other computer in a domain.

Actual behavior

It shows me an error which is system can not find windows terminal. See bellow image
runas_admin

I know I can create a variable that hold the credential of my admin account that used to manage other computer in a domain. but that's not what I want .

I want to make powershell runs under a privileged context directly when I launch terminal.

Originally created by @tlsalex on GitHub (Nov 27, 2019). <!-- 🚨🚨🚨🚨🚨🚨🚨🚨🚨🚨 I ACKNOWLEDGE THE FOLLOWING BEFORE PROCEEDING: 1. If I delete this entire template and go my own path, the core team may close my issue without further explanation or engagement. 2. If I list multiple bugs/concerns in this one issue, the core team may close my issue without further explanation or engagement. 3. If I write an issue that has many duplicates, the core team may close my issue without further explanation or engagement (and without necessarily spending time to find the exact duplicate ID number). 4. If I leave the title incomplete when filing the issue, the core team may close my issue without further explanation or engagement. 5. If I file something completely blank in the body, the core team may close my issue without further explanation or engagement. All good? Then proceed! --> <!-- This bug tracker is monitored by Windows Terminal development team and other technical folks. **Important: When reporting BSODs or security issues, DO NOT attach memory dumps, logs, or traces to Github issues**. Instead, send dumps/traces to secure@microsoft.com, referencing this GitHub issue. If this is an application crash, please also provide a Feedback Hub submission link so we can find your diagnostic data on the backend. Use the category "Apps > Windows Terminal (Preview)" and choose "Share My Feedback" after submission to get the link. Please use this form and describe your issue, concisely but precisely, with as much detail as possible. --> # Environment ```none Windows build number: Microsoft Windows [Version 10.0.18362.295 Windows Terminal version (if applicable):Windows Terminal (Preview) Version: 0.7.3291.0 Any other software? Ubuntu from microsoft store. ``` # Steps to reproduce Logon with windows system with a non domain admin account. Find windows terminal shortcut , right click on it , choose run as administrator. Input your local admin account or domain admin account when you get prompted. # Expected behavior Terminal will start powershell with privileged rights, that means powershell will run under a privileged context, which can be used to managed other computer in a domain. # Actual behavior It shows me an error which is system can not find windows terminal. See bellow image ![runas_admin](https://user-images.githubusercontent.com/36788337/69685035-e9935400-10f5-11ea-8c04-5ce115541421.png) I know I can create a variable that hold the credential of my admin account that used to manage other computer in a domain. but that's not what I want . # I want to make powershell runs under a privileged context directly when I launch terminal.
claunia added the Resolution-ExternalNeeds-Tag-Fix labels 2026-01-31 00:07:41 +00:00
claunia commented 2026-01-31 00:07:42 +00:00
Author
Owner
Copy Link

@ChrisMcKee commented on GitHub (Nov 27, 2019):

v 0.7.3291.0 from the store seems to allow it; though
image

The UAC does call it "unknown program" though which is odd

@ChrisMcKee commented on GitHub (Nov 27, 2019): v 0.7.3291.0 from the store seems to allow it; though ![image](https://user-images.githubusercontent.com/83597/69714740-e81a5980-10fe-11ea-9c35-d49e6c65297b.png) The UAC does call it "unknown program" though which is odd
claunia commented 2026-01-31 00:07:42 +00:00
Author
Owner
Copy Link

@tlsalex commented on GitHub (Nov 27, 2019):

Hello @ChrisMcKee ,
Maybe you are not in a domain enviroment.

@tlsalex commented on GitHub (Nov 27, 2019): Hello @ChrisMcKee , Maybe you are not in a domain enviroment.
claunia commented 2026-01-31 00:07:42 +00:00
Author
Owner
Copy Link

@tinomager commented on GitHub (Nov 27, 2019):

In my case (domain environment) the above mentioned version works with administrative priviledges. I simply started via "Run as administrator" and could perform adminstrative tasks.

@tinomager commented on GitHub (Nov 27, 2019): In my case (domain environment) the above mentioned version works with administrative priviledges. I simply started via "Run as administrator" and could perform adminstrative tasks.
claunia commented 2026-01-31 00:07:42 +00:00
Author
Owner
Copy Link

@ChrisMcKee commented on GitHub (Nov 27, 2019):

Maybe you are not in a domain environment.

No I was testing the first bit before you edited it 👍
image

@ChrisMcKee commented on GitHub (Nov 27, 2019): > Maybe you are not in a domain environment. No I was testing the first bit before you edited it 👍 ![image](https://user-images.githubusercontent.com/83597/69730688-6e936300-1120-11ea-86c0-ecddb961a5f2.png)
claunia commented 2026-01-31 00:07:42 +00:00
Author
Owner
Copy Link

@tlsalex commented on GitHub (Nov 27, 2019):

In my case (domain environment) the above mentioned version works with administrative priviledges. I simply started via "Run as administrator" and could perform adminstrative tasks.

Could I know, you login with a domain admin account directly and then choose "run as administrator" when you right click on it , or you login with a non domain admin account ,and choose run as administrator ,then type your admin account?

@tlsalex commented on GitHub (Nov 27, 2019): > > > In my case (domain environment) the above mentioned version works with administrative priviledges. I simply started via "Run as administrator" and could perform adminstrative tasks. Could I know, you login with a domain admin account directly and then choose "run as administrator" when you right click on it , or you login with a non domain admin account ,and choose run as administrator ,then type your admin account?
claunia commented 2026-01-31 00:07:42 +00:00
Author
Owner
Copy Link

@JasonCraneAdkins commented on GitHub (Nov 29, 2019):

Hi,

same Problem here.

when you login in to Windows with an domain or Local Admin-Account it works just fine.

This problem only occurs when you are logged in to Windows with a non Admin account (local or domain).
if you then right click an choose run as administrator, you get a UAC Popup that asks for an Account with admin rights. This happens twice.

Afterwards you get the error message mentioned above.

@JasonCraneAdkins commented on GitHub (Nov 29, 2019): Hi, same Problem here. when you login in to Windows with an domain or Local Admin-Account it works just fine. This problem only occurs when you are logged in to Windows with a non Admin account (local or domain). if you then right click an choose run as administrator, you get a UAC Popup that asks for an Account with admin rights. This happens twice. Afterwards you get the error message mentioned above.
claunia commented 2026-01-31 00:07:43 +00:00
Author
Owner
Copy Link

@DHowett-MSFT commented on GitHub (Nov 30, 2019):

So this is a curious issue -- it's the intersection of "Windows Store" deployment issues and our existing issue #1032 about user elevation.

The core issue in this case is that the Terminal package is registered for your local session user and not for the user as whom you're authenticating. If you do install Terminal for that user (through some combination of powershell commands likely expressed in #1032), you'll be able to runas them.

@DHowett-MSFT commented on GitHub (Nov 30, 2019): So this is a curious issue -- it's the intersection of "Windows Store" deployment issues and our existing issue #1032 about user elevation. The core issue in _this_ case is that the Terminal package is registered for your local session user and not for the user as whom you're authenticating. If you do install Terminal for that user (through some combination of powershell commands likely expressed in #1032), you'll be able to _runas_ them.
claunia commented 2026-01-31 00:07:43 +00:00
Author
Owner
Copy Link

@JasonCraneAdkins commented on GitHub (Dec 2, 2019):

Hi,

i could find the Powershell commands you mentioned.
Are you talking about the Script “StartUWPFromCommandLine.ps1” and the Command “Start-locally” ?
If so, I will test this as well.
I checked that Terminal is installed for AllUsers, and it was.
Reinstalling Terminal while I was logged in with my delegation/admin-account.
Afterwards it was possible to start Terminal as admin with my delegation/admin-account.
To me this workaround fixes my problem. I only need it on a few computer.

If I understand it right, it is an general Appx Problem and not a Terminal App problem
Thank you!

@JasonCraneAdkins commented on GitHub (Dec 2, 2019): Hi, i could find the Powershell commands you mentioned. Are you talking about the Script “StartUWPFromCommandLine.ps1” and the Command “Start-locally” ? If so, I will test this as well. I checked that Terminal is installed for AllUsers, and it was. Reinstalling Terminal while I was logged in with my delegation/admin-account. Afterwards it was possible to start Terminal as admin with my delegation/admin-account. To me this workaround fixes my problem. I only need it on a few computer. If I understand it right, it is an general Appx Problem and not a Terminal App problem Thank you!
claunia commented 2026-01-31 00:07:43 +00:00
Author
Owner
Copy Link

@DHowett-MSFT commented on GitHub (Dec 2, 2019):

Thanks for following up. You're right -- this is an appx problem, not a Terminal problem.

@DHowett-MSFT commented on GitHub (Dec 2, 2019): Thanks for following up. You're right -- this is an appx problem, not a Terminal problem.
claunia commented 2026-01-31 00:07:43 +00:00
Author
Owner
Copy Link

@brentil commented on GitHub (Jan 7, 2020):

Reinstalling Terminal while I was logged in with my delegation/admin-account.
Afterwards it was possible to start Terminal as admin with my delegation/admin-account.
To me this workaround fixes my problem. I only need it on a few computer.

I know this is closed but wanted to make comment on this for others in the same environment as we are. If you're running certain security compliance requirements you're not allowed to login as an admin locally on a system so you would never be able to login as an account you delegate to install items. This makes it impossible to install WT from the Store. Is it possible to side load install it without ever longing in? However, then you would be required to manually update WT every time yourself though.

@brentil commented on GitHub (Jan 7, 2020): > Reinstalling Terminal while I was logged in with my delegation/admin-account. > Afterwards it was possible to start Terminal as admin with my delegation/admin-account. > To me this workaround fixes my problem. I only need it on a few computer. I know this is closed but wanted to make comment on this for others in the same environment as we are. If you're running certain security compliance requirements you're not allowed to login as an admin locally on a system so you would never be able to login as an account you delegate to install items. This makes it impossible to install WT from the Store. Is it possible to side load install it without ever longing in? However, then you would be required to manually update WT every time yourself though.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Reserved
A11yCO
A11yMAS
A11ySev1
A11ySev2
A11ySev3
A11yTTValidated
A11yUsable
A11yVoiceAccess
A11yWCAG
Area-Accessibility
Area-AtlasEngine
Area-AzureShell
Area-Build
Area-Build
Area-Chat
Area-CmdPal
Area-CodeHealth
Area-Commandline
Area-CookedRead
Area-DefApp
Area-Extensibility
Area-Fonts
Area-GroupPolicy
Area-i18n
Area-Input
Area-Interaction
Area-Interop
Area-Localization
Area-Output
Area-Performance
Area-Portable
Area-Quality
Area-Remoting
Area-Rendering
Area-Schema
Area-Server
Area-Settings
Area-SettingsUI
Area-ShellExtension
Area-ShellExtension
Area-ShellExtension
Area-Suggestions
Area-Suggestions
Area-TerminalConnection
Area-TerminalControl
Area-Theming
Area-UserInterface
Area-VT
Area-Windowing
Area-WPFControl
AutoMerge
Blocking-Ingestion
Culprit-Centennial
Culprit-WinUI
Disability-All
Disability-Blind
Disability-LowVision
Disability-Mobility
External-Blocked-WinUI3
Fixed
Gathering-Data
good first issue
HCL-E+D
HCL-WindowsTerminal
Help Wanted
Impact-Compatibility
Impact-Compliance
Impact-Correctness
Impact-Visual
In-PR
InclusionBacklog
InclusionBacklog-Windows TerminalWin32
InclusionCommitted-202206
Issue-Bug
Issue-Docs
Issue-Feature
Issue-Feature
Issue-Question
Issue-Samples
Issue-Scenario
Issue-Task
Needs-Attention
Needs-Author-Feedback
Needs-Bisect
Needs-Discussion
Needs-Repro
Needs-Tag-Fix
Needs-Tag-Fix
Needs-Triage
No-Recent-Activity
Priority-0
Priority-1
Priority-2
Priority-3
Product-Cmd.exe
Product-Colortool
Product-Colortool
Product-Colortool
Product-Conhost
Product-Conpty
Product-Meta
Product-Powershell
Product-Terminal
Product-WSL
pull-request
Mirrored from GitHub Pull Request
 Resolution-Answered
Resolution-By-Design
Resolution-Duplicate
Resolution-External
Resolution-Fix-Available
Resolution-Fix-Committed
Resolution-No-Repro
Resolution-Won't-Fix
Severity-Blocking
Severity-Crash
Severity-DataLoss
spam
this-will-be-a-breaking-change
Tracking-External
WindowsTerminal_Win32
Work-Item
zAskModeBug
zInbox-Bug
No Label Needs-Tag-Fix Resolution-External
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
claunia
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/terminal#5213
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?