With the release of Windows 11 version 24H2 in September 2024, Microsoft introduced Sudo for Windows, adding Linux-like functionality for managing system privileges.
Having Sudo on Windows allows us to execute commands with administrative rights directly from a non-elevated console session, making it easier to run administrative tasks without needing to manually switch to an elevated prompt. I’ll try help explain more in this post.
Note, Sudo for Windows is not available on Windows Server editions. I’ll explain more on that too!
Contents:
1. How to Install Sudo for Windows.
2. How to Use Sudo on Windows.
3. Security Considerations.
4. Sudo is not Available on Windows Server.
5. More Sudo, More!
1. How to Install Sudo for Windows
To use Sudo on Windows, ensure your computer is fully patched with the latest Windows 11 build. If you’re still on Windows 10, consider upgrading!
Once you’re on a supported version, go to Settings > System (Sidebar) > For Developers and toggle on the “Enable Sudo” option.
Alternatively, you can enable Sudo for Windows by running the following command in an elevated console session (run PowerShell as Admin):
# Enable sudo (Windows 11 build 26052+) # Run within Administrator Windows PowerShell Session sudo config --enable enable
2. How to Use Sudo on Windows 11
To use sudo on Windows, simply run sudo <command> in the command prompt to elevate the command as an administrator. It will trigger a UAC prompt for permission.
Windows Sudo: Example 1
1. Open PowerShell (not as Admin).
2. Run a command that would normally require elevated permissions:
# Example; start SQL Server service on Windows net start MSSQLSERVER
The above command fails: Access Denied.
3. Re-run the command with Sudo:
# Example; start SQL Server service on Windows net start MSSQLSERVER
4. Accept the UAC Prompt.
After accepting the UAC prompt, the command will execute successfully, my SQL Server service started without issues in this case.
Windows Sudo: Example 2
We can also promote our current non-admin PowerShell Terminal session to an Administrator PowerShell session. This is done simply by running sudo pwsh:
Other Tests
Here’s a list of single sudo commands that have worked for me in testing:
# Working sudo single command examples sudo net stop MSSQLSERVER sudo net start MSSQLSERVER sudo net use sudo regedit sudo ipconfig sudo netstat sudo mkdir sudo diskpart sudo fsutil sudo powercfg sudo icacls
Note that sudo on Windows currently doesn’t allow running commands as other users, unlike the runas command. It also doesn’t have full functionality, so try not to expect all your familiar Linux compatible commands work with it.
3. Security Considerations
While Sudo for Windows offers great convenience, be mindful of Security Implications:
– DisableInput and Normal configurations may allow non-elevated processes to interact with the elevated process, which could expose your system to risks.
– The forceNewWindow configuration is the safest option for most users, as it isolates elevated commands in a separate window, minimizing security concerns.
4. Sudo is not Available on Windows Server
Sudo for Windows will not be available on Windows Server editions, one place this was mentioned by Microsoft was on the Windows 11 Insider Preview Build 26052 post, where it states the following:
NOTE: The setting for enabling Sudo may incorrectly be showing on Windows Server Insider Preview builds – this feature will not be available on Windows Server and the setting will be disabled in a future Server Insider Preview build.
5. More Sudo, More!
If you’re looking for additional features beyond what Sudo for Windows offers, consider exploring gsudo, a third-party utility that provides more configuration options and functionality. Gsudo is a useful tool if you need more control over elevated commands.
I hope this overview helps you get started with Sudo for Windows! If you have any questions or need further clarification, feel free to add a comment below with your experience of it.
Leave a Reply