There are lots of limitations when trying to troubleshoot end user computer. I have to log in with their normal user account and see what is happening to their machine. At the same time, I have to use some command line to run some commands from CMD or PowerShell as admin.

Unfortunately, Group Policy has disabled to use admin mode for CMD and PowerShell:

The error message I got is when I tried to run them as admin:

“This app has been blocked by your system administrator. Contact your system administrator for more info.”

From CMD to Run CMD and Powershell as Administrator

Here is my way to get this working for cmd or PowerShell:
1. For CMD, use runas :
runas /user:[email protected] cmd

C:\Users\netsec>runas /user:[email protected] cmd
Enter the password for [email protected]:
Attempting to start cmd as user "[email protected]" ...

C:\Users\netsec>

2. For PowerShell,
from method 1 opened CMD (runas) windows, directly run PowerShell

C:\windows\system32>powershell
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.
Try the new cross-platform PowerShell https://aka.ms/pscore6

PS C:\windows\system32>

Commands in CMD

Once you are in admin CMD or Powershell mode, you can launch following programs in admin mode to do further troubleshooting:

  1. MMC
  2. Regedit
  3. secpol.msc
  4. eventvwr 
  5. systeminfo

For example: check remote system’s boot time:

SystemInfo /s Remote_Computer | find "Boot Time:"

By Jon

Leave a Reply