If UAC were that easily bypassed, it would be thoroughly abused by malware...
If you have a Windows Domain, then use a GPO to add the cert to everyone's system. Or set it up as a one-time scheduled job. The SYSTEM rights should be sufficient. Or, try to use CPUA http://www.joeware.net/freetools/tools/cpau/index.htm *ASB *(Professional Bio <http://about.me/Andrew.S.Baker/bio>) *Harnessing the Advantages of Technology for the SMB market... * On Mon, Apr 18, 2011 at 2:46 PM, Jonathan <[email protected]> wrote: > Ok, I'm beating my head against the wall here, and Google isn't providing > me much by way of insight. I believe this is a UAC issue, but being new to > Win7 (I never used Vista), I'm at a loss. > > I need to install a certificate to the Trusted Root store via a batch file. > The trick is, this is being done on laptops that are remotely connected via > vpn and are not members of the domain. > > I've got this command in my batch file: > > certmgr.exe -add mycertname.cer -s -r localMachine ROOT > > It works like a champ IF I travel to where I have copied CertMgr.exe (in > this case I used the env variable %TEMP%) and right click on certmgr.exe. I > go into the compatibility tab and click the checkbox for "Run as > Administrator". > > Is there any way to change that setting from the command line? I'm trying > to make this batch as silent and end-user friendly as possible, and this is > the ONLY thing keeping me from deploying it. > > -- > Jonathan, A+, MCSA, MCSE > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
