Importing a certificate fails due to lack of permissions

Attempting to import 2 certs on a Windows 7 clients into the users personal user store and the CA stores with a CertUtil bat script. The script works fine but, only when the logged in user has local administrator rights. Any idea's how I get these scripts to run without giving the user local administrator rights? Open to other ideas and approaches as well.
Who is Participating?
Steven HarrisConnect With a Mentor PresidentCommented:
You can have the script call itself with PsExec's -h option to run elevated.

or you can move over to PowerShell which can run most of the cmd scripts.

If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))

$arguments = "& '" + $myinvocation.mycommand.definition + "'"
Start-Process powershell -Verb runAs -ArgumentList $arguments


Open in new window

jwill80Author Commented:
Thanks. Tried using a power shell script and it imports the machine cert into the users personal machine store, and used GPO to target the root  cert. However, the client isn't authenticating even thought the certs are in the proper stores. Reviewing logs to see what the issue is.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.