Neutro Posted January 20, 2014 Posted January 20, 2014 Hey guys, I'm trying to launch a batch file as an administrator with autoit on windows 8.1. This batch file is doing several things to automaticly setup new computers in our company, like disableing windows firewall, adding registry keys... I know i could do this only using autoIT without the batch file but since all the work has already been done in the batch file, it would save me a lot of time if I could make this work without rewriting everything with autoit. Here is the code i'm using: #RequireAdmin if isadmin() == 0 then msgbox("","","no admin rights!") RunAsWait("userlogin","userdomain", "userpassword", 0, "\\server\path_to_batch\batch.bat") The batch file is launching properly when running the above autoit script but without administrator rights. I'm getting "not enough priviledges" error messages when trying to disable windows firewall using the batch file for example. When I launch the batch file using right click -> run as administrator when logged as "userlogin", it works without any problems. Any idea? Thanks! Identify active network connections and change DNS server - Easily export Windows network settings Clean temporary files from Windows users profiles directories - List Active Directory Groups members Export content of an Outlook mailbox to a PST file - File patch manager - IRC chat connect example Thanks again for your help Water!
Neutro Posted January 20, 2014 Author Posted January 20, 2014 (edited) Well I spent hours trying to solve this problem with no luck. The above code is working properly on Win7 but not on Win8. Only solution I found is to open C:\Windows\System32\ in explorer, find cmd.exe, make autoit right click on, click "run as administrator" then launch the batch file from there. Not clean but at least it's working! Edited January 20, 2014 by Neutro Identify active network connections and change DNS server - Easily export Windows network settings Clean temporary files from Windows users profiles directories - List Active Directory Groups members Export content of an Outlook mailbox to a PST file - File patch manager - IRC chat connect example Thanks again for your help Water!
AdamUL Posted January 20, 2014 Posted January 20, 2014 This is due to the RunAs function only running a process as another user. It does not give the process full admin rights, the admin token, even if the run as user is an admin. This requires another approach, such as using ShellExcute with the "runas" verb. Adam Neutro 1
Neutro Posted January 21, 2014 Author Posted January 21, 2014 It does on win7! The problem only exists on win8. Identify active network connections and change DNS server - Easily export Windows network settings Clean temporary files from Windows users profiles directories - List Active Directory Groups members Export content of an Outlook mailbox to a PST file - File patch manager - IRC chat connect example Thanks again for your help Water!
AdamUL Posted January 22, 2014 Posted January 22, 2014 (edited) Are you sure? On Win 7 you tested with, do you have UAC turned off, or changed some Win 7 UAC registry settings with UAC turned on? I have seen this same issue on Win 7, as well as Win 8 and 8.1, with UAC turned on. For your Win 7 and Win 8.1, test boxes, what are the following values for the keys under the following key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem? -FilterAdministratorToken -ConsentPromptBehaviorAdmin -EnableLUA After a little testin, give the following function a try. _ShellExecuteWaitAsAdmin("userlogin","userdomain", "userpassword", 0, "\\server\path_to_batch\batch.bat") Func _ShellExecuteWaitAsAdmin($sUserName, $sDomain, $sPassword, $iLogonFlag, $sFile, $sParamters = "") Local $sCmd = ' /AutoIt3ExecuteLine "ShellExecuteWait(''' & $sFile & ''', ''' & $sParamters & ''', '''', ''runas'')"' Return RunAsWait($sUserName, $sDomain, $sPassword, $iLogonFlag, @AutoItExe & $sCmd) EndFunc Adam Edited January 22, 2014 by AdamUL Neutro 1
Neutro Posted January 22, 2014 Author Posted January 22, 2014 Thanks for your answer Adam. I don't have time to test this further at work right now but will do later Identify active network connections and change DNS server - Easily export Windows network settings Clean temporary files from Windows users profiles directories - List Active Directory Groups members Export content of an Outlook mailbox to a PST file - File patch manager - IRC chat connect example Thanks again for your help Water!
AdamUL Posted January 24, 2014 Posted January 24, 2014 Glad I could help. Let me know if it works for you. Adam Neutro 1
teshko Posted January 27, 2014 Posted January 27, 2014 (edited) Hi, I started using autoit few days ago, and I love it. Unfortunately I believe I've run into the same issue on win 8.1 x64. My script won't modify/create Registry entries. Niether RegWrite nor Run(@ComSpec & ' /c regedit /s "' works. Also saving files (FileOpen/FileWrite) in protected directories doesn't work, though FileCreateShortcut and FileCopy works fine. Here's my script (work in progress): http://pastebin.com/3xvRb0zR I haven't tested it on windows 7 yet. Edited January 27, 2014 by teshko
teshko Posted January 27, 2014 Posted January 27, 2014 Update: http://pastebin.com/AkdqB2cX I tested fixed script on Windows 7 SP1 32bit and it works fine. On Windows 8.1 registry is not modified. (I had a dumb typo when doing a FileOpen test)
AdamUL Posted January 27, 2014 Posted January 27, 2014 Is your script compiled as 64-bit or 32-bit? Are you sure that the registry is not modified? Did you look at the keys under the "Wow6432Note"? What are the following values for the keys under the following key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem? -FilterAdministratorToken -ConsentPromptBehaviorAdmin -EnableLUA Also, for running under a 64-bit system, please look at "Running under Windows 64-bit Edition" from the help file. Adam Neutro 1
teshko Posted January 27, 2014 Posted January 27, 2014 Thank you Adam, that was it. I am running 32 bit on 64 bit for compatibility. My keys were written to: HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftCryptographyCalaisSmartCards instead of HKEY_LOCAL_MACHINESOFTWAREMicrosoftCryptographyCalaisSmartCards For whatever it means (reg query ...): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System EnableLUA REG_DWORD 0x1 ConsentPromptBehaviorAdmin REG_DWORD 0x5 FilterAdministratorToken REG_DWORD 0x0 For reference I fixed with similar to this: Local $sRegKey = "\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\SynchrotekID" If @OSArch = "X64" Then $sRegKey = "HKLM64" & $sRegKey Else $sRegKey = "HKLM" & $sRegKey EndIf RegWrite($sRegKey) RegWrite($sRegKey, "80000001", "REG_SZ", $InstallDir & "\opensc-minidriver.dll") RegWrite($sRegKey, "ATR", "REG_BINARY", Binary("0x3BF81800008031FE450073C8401000900091")) RegWrite($sRegKey, "ATRMask", "REG_BINARY", Binary("0xffffffffffffffffffffffffffffffffffff")) RegWrite($sRegKey, "Crypto Provider", "REG_SZ", "Microsoft Base Smart Card Crypto Provider") RegWrite($sRegKey, "Smart Card Key Storage Provider", "REG_SZ" ,"Microsoft Smart Card Key Storage Provider")
AdamUL Posted January 27, 2014 Posted January 27, 2014 Your welcome, glad I could help. Since you was thinking it was an admin rights issue, I wanted to see what your UAC settings were, and they are located under HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem. Adam Neutro 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now