PrairieSailor Posted August 21, 2013 Share Posted August 21, 2013 Howdy, I have been pounding me head for hours trying to understand why I can't get this to work. The following autoit fails with "access denied" on the cmd window. Logged in user is local Admin with UAC disabled. RunAs(@UserName, @ComputerName, "thepassword", 0, @comspec & " /k schtasks /Create /XML c:\temp\Desktop_Refresh.xml /TN Desktop_Refresh", @SystemDir) If i run this straight on the command line it also fails with access denied schtasks /Create /XML c:\temp\Desktop_Refresh.xml /TN Desktop_Refresh If I open a Command Prompt with elevated rights (Right click > open as administrator) and paste the same line it works perfectly. I seem to have tried every possible change and just can't figure it out. Link to comment Share on other sites More sharing options...
spudw2k Posted August 21, 2013 Share Posted August 21, 2013 (edited) Are you running Windows 7? If ran from a command line it must be elevated to Administrator (even if the user has admin rights) right-click on Command Prompt, Run as Administrator. Try adding #RequireAdmin at the top of your script. Also, just an observational question, is the user from @UserName an Administrator of @ComputerName and not a Domain Admin account...is this in a Domain Environment? edit: Just in case you are interested, I have a script in my signature for a SchTasksGui, which is limited in features, but perhaps you could use and improve for your needs. Edited August 21, 2013 by spudw2k Spoiler Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of Cards ◊ HideIt ◊ ICU ◊ Icon Freezer ◊ Ipod Ejector ◊ Junos Configuration Explorer ◊ Link Downloader ◊ MD5 Folder Enumerator ◊ PassGen ◊ Ping Tool ◊ Quick NIC ◊ Read OCR ◊ RemoteIT ◊ SchTasksGui ◊ SpyCam ◊ System Scan Report Tool ◊ System UpTime ◊ Transparency Machine ◊ VMWare ESX BuilderMisc Code Snippets: ADODB Example ◊ CheckHover ◊ Detect SafeMode ◊ DynEnumArray ◊ GetNetStatData ◊ HashArray ◊ IsBetweenDates ◊ Local Admins ◊ Make Choice ◊ Recursive File List ◊ Remove Sizebox Style ◊ Retrieve PNPDeviceID ◊ Retreive SysListView32 Contents ◊ Set IE Homepage ◊ Tickle Expired Password ◊ Transpose ArrayProjects: Drive Space Usage GUI ◊ LEDkIT ◊ Plasma_kIt ◊ Scan Engine Builder ◊ SpeeDBurner ◊ SubnetCalcCool Stuff: AutoItObject UDF ◊ Extract Icon From Proc ◊ GuiCtrlFontRotate ◊ Hex Edit Funcs ◊ Run binary ◊ Service_UDF Link to comment Share on other sites More sharing options...
PrairieSailor Posted August 21, 2013 Author Share Posted August 21, 2013 (edited) Are you running Windows 7? If ran from a command line it must be elevated to Administrator (even if the user has admin rights) right-click on Command Prompt, Run as Administrator. Try adding #RequireAdmin at the top of your script. Also, just an observational question, is the user from @UserName and Administrator of @ComputerName and not a Domain Admin account...is this in a Domain Environment? edit: Just in case you are interested, I have a script in my signature for a SchTasksGui, which is limited in features, but perhaps you could use and improve for your needs. Yes this is Windows 7 64bit. The #RequireAdmin doesn't seem to make any difference. Local accounts only, no domain environment (and common password). I had attempted just the schtasks command line, but not enough arguments available therefore I was left with exporting and importing the XML file. (i.e. start at logon, and run every 10 minutes, also power options, etc). EDIT - I know this is the AutoIt forum, but I'm open to suggestions if there is another method for this...I have not found anything successful. Edited August 22, 2013 by PrairieSailor Link to comment Share on other sites More sharing options...
AdamUL Posted August 22, 2013 Share Posted August 22, 2013 Did you just try using just Run, instead of RunAs? Since you are using the current user running the script, @UserName, then I see no need to use RunAs. In addition, are you sure the password that you entered into the script is correct? Try #RequireAdmin Run('schtasks /Create /XML "C:\temp\Desktop_Refresh.xml" /TN Desktop_Refresh', @SystemDir) or you could use ShellExecute with the "runas" verb. ShellExecute('schtasks.exe', '/Create /XML "C:\temp\Desktop_Refresh.xml" /TN Desktop_Refresh', @SystemDir, 'runas') Adam Link to comment Share on other sites More sharing options...
PrairieSailor Posted August 22, 2013 Author Share Posted August 22, 2013 Did you just try using just Run, instead of RunAs? Since you are using the current user running the script, @UserName, then I see no need to use RunAs. In addition, are you sure the password that you entered into the script is correct? Try #RequireAdmin Run('schtasks /Create /XML "C:\temp\Desktop_Refresh.xml" /TN Desktop_Refresh', @SystemDir) or you could use ShellExecute with the "runas" verb. ShellExecute('schtasks.exe', '/Create /XML "C:\temp\Desktop_Refresh.xml" /TN Desktop_Refresh', @SystemDir, 'runas') Adam Interesting that you say this....i did exactly this (Run vs RunAs) late last night and it worked. I just thought that would never work, because even manually when logged in as that admin user the command would only run if I started CMD elevated. Thanks! Link to comment Share on other sites More sharing options...
AdamUL Posted August 22, 2013 Share Posted August 22, 2013 (edited) Your welcome. Glad I could help.Also, #RequireAdmin requests the admin token for the whole script, and its child processes. Using RunAs was creating the process without the admin token already gained from the #RequireAdmin. Since it was a new process created with a "different" user, even though it was the same user account.Have a look at this >example, this ?do=embed' frameborder='0' data-embedContent>>example, and this ?do=embed' frameborder='0' data-embedContent>>example (#8) for working with UAC. Even with UAC turned off, Windows Vista and above will only elevate processes that request the admin token. This is a good article about this.In my second example, using ShellExecute with the "runas" verb, request the admin token just for that process, not the whole script, as #RequireAdmin does.Adam Edited August 22, 2013 by AdamUL Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now