Sign in to follow this  
Followers 0
maxcronjob

Log Off and Log In to another Windows account

21 posts in this topic

Hi,

I have a 2003 Server SE and I'm trying to figure out a way to log off from the current user's account and log into another user's account to check out some desktop settings, etc.

Can this be done from one script?

I got the log-off to work through a CLI command "shutdown /l" but I get stuck at the "Welcome to Windows" login screen.

Anyone have any suggestions?

thanks!

max

Share this post


Link to post
Share on other sites



You could set a Group Policy object to run at each user's logon, and then check settings that way...

Maybe doing an AutoAdminLogon Registry Write before shutting down, and then deleting the keys after restart


Writing AutoIt scripts since
_DateAdd("d", -2, _NowCalcDate())

Share this post


Link to post
Share on other sites

You could set a Group Policy object to run at each user's logon, and then check settings that way...

Maybe doing an AutoAdminLogon Registry Write before shutting down, and then deleting the keys after restart

<{POST_SNAPBACK}>

Could you give me an example of each? let's say I'm running script A that's doing a bunch of tests of what's currently installed on the system and I'm currently logged in as "Administrator". What I want to do is log-off, then login as "user1" and check out whether a certain wallpaper is configured, whether the display settings are properly configured and whether certain desktop icons exist. I want to store this data in a Log file, then logoff and log back in as Administrator and append this Log data to the Log that was collecting data from script A. Is this do-able with the methods you desribed above?

Thanks,

max

Share this post


Link to post
Share on other sites

One way to do this is to set the next logon in the registry to the user that you want to use, then send the system a restart command

Share this post


Link to post
Share on other sites

"Administrator".  What I want to do is log-off, then login as "user1" and check out whether a certain wallpaper is configured, whether the display settings are properly configured and whether certain desktop icons exist.  I want to store this data in a Log file, then logoff and log back in as Administrator and append this Log data to the Log that was collecting data from script A.  Is this do-able with the methods you desribed

You can't "log on" automatically, as this would circumvent all security measures of windows. The only thing you can do is to run a script under the ID of another user (with runas) and check whatever you want to check. See help file: RunAsSet() and Run(). Also search the forums for RunAsSet. You will find a lot of posts about this command.

Cheers

Kurt


__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Share this post


Link to post
Share on other sites

You can't "log on" automatically, as this would circumvent all security measures of windows.

<{POST_SNAPBACK}>

Yes you can. Only problem is that you have to put the username and password in the registry in plain text, so yes - it is not a good idea to do on a secured system.

Under HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon

AutoAdminLogon=1 (this is a boolean flag, in string format)

AutoLoginCount=1 (this is a counter, in binary format)

DefaultUserName= (this is the user to logon as)

DefaultPassword= (this is the user's password, in a plain text string)

DefaultDomainName= (this is the domain of the user that you want logged on. Leave blank for local machine)

I use this method on a system I have here - a script adds this information to the registry, and then also the script adds itself to the RunOnce registry, so that on next boot, it will set the logon back to the original user (or no user, depending on the case)

Share this post


Link to post
Share on other sites

Looks like Windows Server 2003 doesn't have any entries for "DefaultPassword". Would I have to add this to the registry like the AutoAdminLogon?

thanks,

max

Share this post


Link to post
Share on other sites

Looks like Windows Server 2003 doesn't have any entries for "DefaultPassword".  Would I have to add this to the registry like the AutoAdminLogon?

thanks,

max

<{POST_SNAPBACK}>

Yes, RegWrite() will create any keys that don't already exist.

Share this post


Link to post
Share on other sites

Looks like Windows Server 2003 doesn't have any entries for "DefaultPassword".  Would I have to add this to the registry like the AutoAdminLogon?

yes, you can create them and it will work, however just after a reboot. See this link.

http://support.microsoft.com/default.aspx?...kb;en-us;324737. So I guess the idea with RunAsSet is much easier than this, as it does not require a reboot. Regarding the security implications there is no difference, as you will need the password of the user in both cases.

Cheers

Kurt


__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Share this post


Link to post
Share on other sites

yes, you can create them and it will work, however just after a reboot. See this link.

http://support.microsoft.com/default.aspx?...kb;en-us;324737. So I guess the idea with RunAsSet is much easier than this, as it does not require a reboot. Regarding the security implications there is no difference, as you will need the password of the user in both cases.

Cheers

Kurt

<{POST_SNAPBACK}>

The thing with RunAsSet is that it only runs with the creditials of that user - it doesn't actually log on as the user. So none of the users login scripts are run, neither are it's environment variables set. Also, HKCU still points to the logged on user, not the RunAs user.

There are definately uses for the RunAsSet() function, but the original question was how to logon as another user, and RunAsSet() doesn't quite meet that qualification.

Share this post


Link to post
Share on other sites

The thing with RunAsSet is that it only runs with the creditials of that user - it doesn't actually log on as the user.  So none of the users login scripts are run, neither are it's environment variables set.  Also, HKCU still points to the logged on user, not the RunAs user.

So, what's the "option 1 = (default) load the user profile" used for?

Cheers

Kurt


__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Share this post


Link to post
Share on other sites

I believe that's for environment variables associated with the user account.


Writing AutoIt scripts since
_DateAdd("d", -2, _NowCalcDate())

Share this post


Link to post
Share on other sites

I believe that's for environment variables associated with the user account.

<{POST_SNAPBACK}>

Okay, I may have a partial solution.

Through the forum search I found a nice little function called _RegExport. I set my #include to include that script, setup a function to use "RunAsSet" along with that function and voila - I can see the other user's registry settings without logging off!

Anyone have a suggestion on where I might find a Windows file or registry file that lists all the icons a particular user currently has on his desktop? Does such a file or registry file exist? I'm still looking...

thanks!

max

Share this post


Link to post
Share on other sites

The thing with RunAsSet is that it only runs with the creditials of that user - it doesn't actually log on as the user.  So none of the users login scripts are run, neither are it's environment variables set.  Also, HKCU still points to the logged on user, not the RunAs user.

Your assumption seems to be wrong. I tested the whole thing with runasset and HKCU and the environment variables were completely different! So I guess RunAsSet () would be the perfect solution here.

Here are my scripts and the output.

Runas-Client.au3 (compile into EXE !!)

$allmsg = "==> User: " & @UserName &  @CRLF & @CRLF
$reg_keys = "[HKCU\Software\]" & @CRLF
for $i = 1 to 30
   $reg_keys = $reg_keys & RegEnumKey("HKCU\Software\",$i) & @CRLF
next

$allmsg = $allmsg & $reg_keys & @CRLF & @CRLF


$allmsg = $allmsg & "[EVIRONMENT VARIABLES]" & @CRLF & @CRLF

$var = EnvGet("SPECIAL1")
$allmsg = $allmsg & "SPECIAL1 = " & $var & @CRLF

$var = EnvGet("SPECIAL2")
$allmsg = $allmsg & "SPECIAL2 = " & $var & @CRLF

clipput($allmsg)

Runas-master.au3

msgbox(0,"INFO", "Running test as User: user1")

RunWait("runas-client.exe")

$retval_user1 = clipget()

msgbox(0,"INFO", "Running test as User: user2" )

RunAsSet("user2","localhost","abc123", 1)

RunWait("runas-client.exe")
RunAsSet()
$retval_user2 = clipget()

$allmsg = $retval_user1 & $retval_user2

clipput($allmsg)

Output

==> User: user1

[HKCU\Software\]
Adobe
Ahead
AutoIt v3
BackWeb
c't
F-Secure
Filzip
GipsySoft.com
Hewlett-Packard
Intel
Intel(R) PROSet for Wireless
IntellectualHeaven
JavaSoft
Leadertech
Local AppWizard-Generated Applications
Macromedia
Microsoft
Mozilla
Netscape
NEXT-Soft
Nico Mak Computing
ODBC
PCTEL
PepiMK Software
PJ Technologies
Policies


[EVIRONMENT VARIABLES]

SPECIAL1 = ONLY known by one User1, not by User2
SPECIAL2 = 


==> User: user2

[HKCU\Software\]
Adobe
Filzip
FinePrint Software
GhostTyperXML
Hewlett-Packard
Intel
kurtk
Microsoft
Netscape
Nico Mak Computing
ODBC
Policies
Sonic
Visioneer
Widcomm
Yahoo
Classes


[EVIRONMENT VARIABLES]

SPECIAL1 = 
SPECIAL2 = Not known to User1

Cheers

Kurt


__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Share this post


Link to post
Share on other sites

Anyone have a suggestion on where I might find a Windows file or registry file that lists all the icons a particular user currently has on his desktop?  Does such a file or registry file exist?  I'm still looking...

For normal icons, check in the 'Desktop' folder of the user's folder, and also of the 'AllUsers' folder.

For the special icons (My computer, Recycle Bin, Internet Explorer, My Bluetooth Places, etc) you're going to have to check registry settings.

Share this post


Link to post
Share on other sites

Anyone have a suggestion on where I might find a Windows file or registry file that lists all the icons a particular user currently has on his desktop?  Does such a file or registry file exist?  I'm still looking...

That's not in the registry. It's a combination of files in @DesktopDir of the current user and "All Users". The "icons" are just links to programs.

Cheers

Kurt


__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Share this post


Link to post
Share on other sites

Your assumption seems to be wrong. I tested the whole thing with runasset and HKCU and the environment variables were completely different! So I guess RunAsSet () would be the perfect solution here.

If I was wrong, I apologize. I just remeber trying that a while back and couldn't get things to work quite right, so I had to do the whole thing with logging off and on again.

Share this post


Link to post
Share on other sites

If I was wrong, I apologize.  I just remeber trying that a while back and couldn't get things to work quite right, so I had to do the whole thing with logging off and on again.

<{POST_SNAPBACK}>

No problem at all. Probably you could use RunAsSet as well for your task.

Cheers

Kurt


__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Share this post


Link to post
Share on other sites

For normal icons, check in the 'Desktop' folder of the user's folder, and also of the 'AllUsers' folder.

For the special icons (My computer, Recycle Bin, Internet Explorer, My Bluetooth Places, etc) you're going to have to check registry settings.

<{POST_SNAPBACK}>

Awesome! thanks!

max

Share this post


Link to post
Share on other sites

That's not in the registry. It's a combination of files in @DesktopDir of the current user and "All Users". The "icons" are just links to programs.

Cheers

Kurt

<{POST_SNAPBACK}>

Normal Icons yes, but the special ones (My Computer, My Documents, My Bluetooth Places, Internet Explorer, Recycle Bin, etc) - I think they're based on registry entries?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0