WinSCP launched by script running as admin, but should not run as admin: "RunAsInvoker" not working? :: Support Forum

Ccyz7
Joined:: 2020-12-02
Posts:: 3

WinSCP launched by script running as admin, but should not run as admin: "RunAsInvoker" not working?

2025-06-04 22:04

Hi,
I have a setup in which WinSCP is launched by a script running as admin (I have no other option for out-of-topic reasons).

However, I do NOT want WinSCP to run as admin (because if so, I can't drag and drop files from Windows Explorer, and I miss this).

The common solution for this is to do a registry key:

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"D:\software\WinSCP-Portable\WinSCP.exe"="RunAsInvoker"

But this seems ignored and I still can't drag and drop files from files Explorer windows.

How to solve this?
Thank you in advance! :)

Reply with quote

martin◆ Site Admin
Joined:: 2002-12-10
Posts:: 42,146
Location:: Prague, Czechia

Re: WinSCP launched by script running as admin, but should not run as admin: "RunAsInvoker" not working?

2025-06-05

I do not think that RunAsInvoker does what you want.
What it does is that when the app is marked to request Administrator privileges on start, it does not grant them.
But it does not relinquish Administrator privileges if the calling process already has them.
And WinSCP is not marked to request Administrator privileges anyway.

This is not really a WinSCP question, but possible solutions are (in general):

If the intended account does not have administrator privileges, explicitly run WinSCP with that account:
```
runas /user:StandardUsername "WinSCP.exe"
```
Run WinSCP via ad hoc temporary task scheduler task without Administrator privileges.
Run WinSCP via explorer process:
```
explorer WinSCP.exe
```

Reply with quote

Ccyz7
Joined:: 2020-12-02
Posts:: 3

Re: WinSCP launched by script running as admin, but should not run as admin: "RunAsInvoker" not working?

2025-06-14 10:04

Thank you very much Martin for your answer!

explorer WinSCP.exe

solves the problem indeed.

It is strange to have to use this (not only for WinSCP), but if it works, that's good :)
Here is the full picture, you will probably have a better idea, with your deep knowledge of Windows internals.

I use Autohotkey to launch various software (including WinSCP) with keyboard shortcuts
Since I want the keyboard shortcuts to be caught from everywhere (including when the current window focus is in a program run with admin rights), I need to run the Autohotkey script as admin. If not, the keyboard shortcuts won't be caught in a admin cmd.exe for example.
Then Autohotkey launches WinSCP as admin as well
Then I cannot drag/drop files from/to desktop or file explorer with WinSCP

With this big picture, what am I doing wrong?

Linked: How to "Run" without administrator privileges?? : r/AutoHotkey

PS: you're right, setting

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"c:\path\to\app.exe"="RunAsInvoker"

doesn't work if the script launching it (like AutoHotkey) is elevated... If an elevated process (my AHK script running as admin) launches a child process, Windows will inherit elevated privileges, regardless of RunAsInvoker. This overrides the compatibility setting.

Reply with quote

martin◆ Site Admin

Re: WinSCP launched by script running as admin, but should not run as admin: "RunAsInvoker" not working?

2025-06-16

I do not see anything wrong about what you are doing.

Reply with quote

WinSCP launched by script running as admin, but should not run as admin: "RunAsInvoker" not working?