HopkinsProg Posted October 5, 2009 Share Posted October 5, 2009 (edited) I have several scripts that I use under Windows XP that basically use an Administrator account (at the domain level) to run certain things that standard users cannot. Under Windows 7, these scripts now fail to run, I assume because of Windows 7's UAC protection.For example, the below code basically launches the MalwareBytes Anti-Malware installer as an administrator.RunAsWait("domainAdmin","dc.me.com","********",0,"mbam-setup.exe",@ScriptDir)The above code works as expected under Windows XP (The installer window opens and is able to write to @ProgramFilesDir). Under Windows 7, the installer is never launched. If I change the '0' to a '2' (to use network credentials only, vs interactive/no profile), it launches as the logged on user and asks for an admin logon. If I try to run a command line, "cmd /k net localgroup groupName user@dc.me.com /add", I get an access denied (error #5) message, because the command window is not elevated.I have implemented a local group policy, which I had hoped would alleviate this password requirement issue - For Administrators in Approval Mode, it is set to "Elevate without Prompting".Basically, all I need to be able to do is to perform a "Run As" command, using a username, domain, and password that I provide so that I can perform Administrative functions. With UAC on, I am prevented from doing this. Is there anything I can do to make this work? I have tried using the 'elevate.cmd' from TechNet, but I am still prompted for Admin credentials. The RunAs command line (Windows, not AutoIT) would be perfect, but it does not allow for me to put in a password automatically). I've been searching all over the forums here , but I have not found any solid solutions to this issue (other than disabling UAC, which I must leave on).And #requireadmin is obviously of no use here, since my end-users will not have any administrative access.Any thoughts? Edited October 5, 2009 by HopkinsProg Link to comment Share on other sites More sharing options...
martin Posted October 5, 2009 Share Posted October 5, 2009 I have several scripts that I use under Windows XP that basically use an Administrator account (at the domain level) to run certain things that standard users cannot. Under Windows 7, these scripts now fail to run, I assume because of Windows 7's UAC protection. For example, the below code basically launches the MalwareBytes Anti-Malware installer as an administrator. RunAsWait("domainAdmin","dc.me.com","********",0,"mbam-setup.exe",@ScriptDir) The above code works as expected under Windows XP (The installer window opens and is able to write to @ProgramFilesDir). Under Windows 7, the installer is never launched. If I change the '0' to a '2' (to use network credentials only, vs interactive/no profile), it launches as the logged on user and asks for an admin logon. If I try to run a command line, "cmd /k net localgroup groupName user@dc.me.com /add", I get an access denied (error #5) message, because the command window is not elevated. I have implemented a local group policy, which I had hoped would alleviate this password requirement issue - For Administrators in Approval Mode, it is set to "Elevate without Prompting". Basically, all I need to be able to do is to perform a "Run As" command, using a username, domain, and password that I provide so that I can perform Administrative functions. With UAC on, I am prevented from doing this. Is there anything I can do to make this work? I have tried using the 'elevate.cmd' from TechNet, but I am still prompted for Admin credentials. The RunAs command line (Windows, not AutoIT) would be perfect, but it does not allow for me to put in a password automatically). I've been searching all over the forums here , but I have not found any solid solutions to this issue (other than disabling UAC, which I must leave on). And #requireadmin is obviously of no use here, since my end-users will not have any administrative access. Any thoughts? I am new to dealing with UAC so I can't give a lot of help, but if you are wanting to runasadmin for some operation withoiut the user having to enter credentials then I don't think you will succeed, otherwise the UAC is useless. But maybe I have misunderstood. Serial port communications UDF Includes functions for binary transmission and reception.printing UDF Useful for graphs, forms, labels, reports etc.Add User Call Tips to SciTE for functions in UDFs not included with AutoIt and for your own scripts.Functions with parameters in OnEvent mode and for Hot Keys One function replaces GuiSetOnEvent, GuiCtrlSetOnEvent and HotKeySet.UDF IsConnected2 for notification of status of connected state of many urls or IPs, without slowing the script. Link to comment Share on other sites More sharing options...
MrHowDoesHeDoIt Posted June 24, 2010 Share Posted June 24, 2010 I am new to dealing with UAC so I can't give a lot of help, but if you are wanting to runasadmin for some operation withoiut the user having to enter credentials then I don't think you will succeed, otherwise the UAC is useless.But maybe I have misunderstood.I'm also having this issue. My domain users don't have access to add routes. So I've created a domain admin that is permitted. On XP I do a RunAsWait and add the route using the special user. In Windows 7, I need to do the same thing but prompt the UAC...#RequireAdmin doesn't work in this case. Any new ideas? Link to comment Share on other sites More sharing options...
lcoate Posted July 1, 2010 Share Posted July 1, 2010 I have several scripts that I use under Windows XP that basically use an Administrator account (at the domain level) to run certain things that standard users cannot. Under Windows 7, these scripts now fail to run, I assume because of Windows 7's UAC protection. For example, the below code basically launches the MalwareBytes Anti-Malware installer as an administrator. RunAsWait("domainAdmin","dc.me.com","********",0,"mbam-setup.exe",@ScriptDir) The above code works as expected under Windows XP (The installer window opens and is able to write to @ProgramFilesDir). Under Windows 7, the installer is never launched. If I change the '0' to a '2' (to use network credentials only, vs interactive/no profile), it launches as the logged on user and asks for an admin logon. If I try to run a command line, "cmd /k net localgroup groupName user@dc.me.com /add", I get an access denied (error #5) message, because the command window is not elevated. I have implemented a local group policy, which I had hoped would alleviate this password requirement issue - For Administrators in Approval Mode, it is set to "Elevate without Prompting". Basically, all I need to be able to do is to perform a "Run As" command, using a username, domain, and password that I provide so that I can perform Administrative functions. With UAC on, I am prevented from doing this. Is there anything I can do to make this work? I have tried using the 'elevate.cmd' from TechNet, but I am still prompted for Admin credentials. The RunAs command line (Windows, not AutoIT) would be perfect, but it does not allow for me to put in a password automatically). I've been searching all over the forums here , but I have not found any solid solutions to this issue (other than disabling UAC, which I must leave on). And #requireadmin is obviously of no use here, since my end-users will not have any administrative access. Any thoughts? I am getting the same issue. Have you heard or seen a fix around UAC? I am working on a script to install, update, scan, and clean. All using malwarebytes. The only thing holding me up is the UAC. I would appricate any help on this! Thanks lcoate Link to comment Share on other sites More sharing options...
engjcowi Posted July 1, 2010 Share Posted July 1, 2010 Hi guys Im pretty sure the following code turns off the UAC is 7 and vista however i think i restart might be required RegWrite("HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System", "EnableLUA", "REG_DWORD", "0") Drunken Frat-Boy Monkey Garbage Link to comment Share on other sites More sharing options...
Richard Robertson Posted July 1, 2010 Share Posted July 1, 2010 Running as admin will always trigger a UAC prompt. Unfortunately there's nothing you can do about it. Link to comment Share on other sites More sharing options...
Michael McNally Posted July 30, 2010 Share Posted July 30, 2010 Running as admin will always trigger a UAC prompt. Unfortunately there's nothing you can do about it.You had me worried until I tested it myself. Setting EnableLUA to 0, as mentioned above, prevents Windows from attempting to present a prompt. My RunAs installer script now works fine. Thanks engjcowi! Link to comment Share on other sites More sharing options...
nergmlam Posted June 28, 2012 Share Posted June 28, 2012 Hi guysIm pretty sure the following code turns off the UAC is 7 and vista however i think i restart might be requiredRegWrite("HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem", "EnableLUA", "REG_DWORD", "0")Yes, but it requires a reboot before it works, and then you are able to run your script, but needs to restore the "EnableLUA to REG_DWORD=1 again,and that requires a new reboot before it work.Not that I know the right solution, but EnableLUA isn't the solutionSincerelyJorgen MalmgrenIT-ProgrammerDenmark - UTC+1www.tryware.dk;o) Your brain is like a parachute. It works best when it's Sincerely J. Malmgren IT-Programmer http://www.tryware.dk Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now