By /
allow an application to run with admin rights

How to allow an application to run with admin rights in ThreatLocker?

This document outlines the step-by-step process of how to allow an application to run with admin rights in ThreatLocker Dashboard.

This article is a part of our ThreatLocker How-to Guides series, Chapter 07 – Elevation Control (Privilege Management).

buy threatlocker licenses at predictable cost!

Introduction

Some applications require administrator privileges to function properly, such as Command Prompt (CMD), diagnostic tools, or system utilities. Using ThreatLocker Elevation Control, you can allow specific apps to run with elevated rights—without giving full admin access to users.

This guide will walk you through the steps to create a policy that allows CMD to run as local administrator.

Implementation

Step 1: Access the Application Control Module

  1. Log in to the ThreatLocker Portal.
  2. Navigate to Modules > Application Control
  3. Click Create Policy
enable elevation control in ThreatLocker

Step 2: Create the Elevation Policy

  1. Fill the policy form:
  • In the Details section:
    • Name: Elevation Control – CMD
    • Description: Allow running CMD as local administrator
  • In the Applied To section:
    • Select the target computer or computer group where the policy should apply
allow an application to run with admin rights
  • In the Condition section:
    • Select the application: Command Prompt (CMD)
    • Choose All Interfaces
    • Select “No Policy Expiration” to ensure the rule remains active indefinitely.
  • In the Action section:
    • Enable “Assist with programs that require local administrator privileges”
      • Select “Elevate to run as local administrator”
        • (Optional) Enable “Notify User” to inform the user
      • (Optional) Set a duration for how long elevation should be active (e.g., 30 minutes, 12 hours)

2. Click Create to save the policy once all fields are completed

allow an application to run with admin rights

Step 3: Deploy the Policy to allow an application to run with admin rights in ThreatLocker

Deploy the policy from the policy list to enforce it on the target devices

contact us for threatlocker deployment and maintenance services

Conclusion

Granting admin rights to specific applications like CMD through ThreatLocker Elevation Control helps support IT operations while enforcing the principles of least privilege and Zero Trust.

This approach limits risk, ensures visibility, and gives users the access they need, only when they need it.

purchase threatlocker licenses online!

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top