Jobs On A Windows Agent Require Administrator Privileges

Article ID:218501318
1 minute readKnowledge base


  • Jobs On A Windows Agent Require Administrator Privileges


  • CloudBees Jenkins Enterprise

  • Jenkins


By using the elevate - Command-Line UAC Elevation Utility (elevate.exe) and disabling UAC on the Windows machine, commands can be run with Administrator Privileges.

Please see the simple use case below:

Test environment consisting of a Jenkins controller and a Windows 7 JNLP Agent.

I downloaded the elevate-1.3.0-redist.7z file from the link above and put into the C:\Users\cloudbees\Downloads\elevateUtility directory on the Windows 7 machine.

I disabled UAC as documented in the link above.

I created an adminTest.bat file in the C:\Users\cloudbees\Documents directory that contained:

@echo off
::Test If script has Admin Priviledges/is elevated
net session >nul 2>&1
 ECHO you are Administrator
) ELSE (
 ECHO you are NOT Administrator. Exiting...
 PING > NUL 2>&1
 EXIT /B 1

I created a Freestyle project called testElevate on my Jenkins controller that was restricted to run on the Windows agent machine with the following Windows bat command step:

echo "Begin elevate Test"
cd C:\Users\cloudbees\Documents
C:\Users\cloudbees\Downloads\elevateUtility\bin.x86-32\elevate.exe -k adminTest.bat

which produced the following on the Windows JNLP Agent:


With this proposed solution you should be able to modify the specific projects/jobs in Jenkins to execute commands like .bat files with elevate for example, to get Administrator privileges.

Please note that I used the -k flag in the elevate.exe command to cause the cmd prompt to remain open to validate and document the output of the adminTest.bat file.