Recently Browsing 0 members
No registered users viewing this page.
When a non compiled AU3 script is run with #RequireAdmin, then if the UAC prompt can be authorized due to the fact, that the currently loggedon user has local admin rights, then the macro @UserProfileDir correctly reflects the profile dir of the user of the windows logon session.
When the script with #RequireAdmin is started by a "normal user" without local admin rights, and I use a domain admin account to authorize the UAC prompt, then @UserProfileDir reflects the profile dir belonging to the AD-Admin account.
As the script originally was started using the "regular user" I'm wondering, if there is a chance to "pass" the original user's @UserProfileDir to the UAC elevated script?
As playing around with this feature I realize, that I basically don't know the exact mechanism of the UAC elevation authorization process:
The script is started by right mouse click, execute script This is invoking e.g. "C:\Program Files (x86)\AutoIt3\AutoIt3.exe" "C:\Users\Rudi\Desktop\test.au3" as by this registy value: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\AutoIt3Script\Shell\Run\Command] @="\"C:\\Program Files (x86)\\AutoIt3\\AutoIt3.exe\" \"%1\" %*" But what I honestly don't know is, how does the UAC propt interact in the program startup? I guess, that Autoit3.exe is parsing the AU3 source, is seeing the #RequireAdmin and then "relaunches itself with the AU3 as %1" requesting UAC elevated rights "from windows"??? With Process Explorer I can see, that The commandline then is this one with a "!" before "%1"
"C:\Program Files (x86)\AutoIt3\AutoIt3.exe" !"C:\Users\Rudi\Desktop\test.au3" It it should be something like this, then it might be possible to pass the original @UserProfileDir to the second, UAC elevated "Startup"??? <edit>
I just noticed:
When I use "WIN+R" and then directly use the command line, I see in Process Explorer, ...
"C:\Program Files (x86)\AutoIt3\AutoIt3.exe" !"C:\Users\Rudi\Desktop\test.au3"
... then this script with #RequireAdmin is started *WITHOUT* UAC elevation.
Guessing, that this ! is just reverting #RequireAdmin I tried the "opposite" one as well:
AU3 script without #RequireAdmin Starting with "C:\Program Files (x86)\AutoIt3\AutoIt3.exe" !"C:\Users\Rudi\Desktop\test.au3" does not invoke UAC elevation prompt. So to me it looks like, this ! is a "status flag from Autoit3.exe to Autoit3.exe", that the elevation process was done already? amazing...
the topic Autoit on Windows Vista is telling no details of this UAC process...
I have a question please
Is there a way to request the script for administrator privileges if a particular condition is met??
local $path = RegRead("HKEY_CURRENT_USER\Software\test", "fullpath")
if $fullPath = @scriptFullPath then
Request for administrator privileges
I hope to find a solution here
Greetings to all
Morning! I've searched for a definitive answer on the forums on this but can't find one so here goes. I need admin for one of my functions so I'm using #RequireAdmin. I then noticed that regardless of that function being used or admin actually being required, the program pops up and requires admin all of the time.
Is this the way it's designed and is there a way around it so that I can launch my program as normal until admin is required, then and only then prompt the user to run the program as admin?
The only solution I could think of is to produce 2 executables and do something like:
$adminrequired = 1 If($adminrequired = 1) Then Run(Run first executable which includes #RequireAdmin) Else Run(Run second identical executable without #RequireAdmin) EndIf Obviously I'd rather keep to making a single executable rather than having 2 or 3!
I've abandoned the FileSelectFolder() approach and rolled my own UDF to create a dialog containing the folder list in a ListView, which seems to work fine. It's also a better fit to our requirements: we don't really want the user wandering around in the folder-selection dialog, plus the UDF displays some associated info for each folder in a second column. Thanks again to the forum members who took a look at this.
I'm writing an installer script that needs to run as Administrator so it can, e.g., write files into protected directories. The problem is that when I call FileSelectFolder(), there is a 60-second delay before the dialog appears. If I run as an ordinary user (in the Administrators group), there's no delay, but I don't think that will work: for one thing, the installer needs to create a symbolic link, which a member of the Administrators group can't do unless the program is elevated. (This is Win 7 x64.)
(The installer will be run using an Admin account; the other user accounts are locked down and don't have access to the filesystem, the Start menu, Computer, etc. - it's a turnkey system.)
Any idea what causes the delay? And is there a way around it?
After a few weeks of researching and testing, I think I have a good understanding of #RequireAdmin and IsAdmin() for an individual script. They both work in conjunction with each other and ignore whether the current user has administrator rights, or not. In other words, IsAdmin() doesn't test the user, only the declared permission level of the script it is executed in. A separate check is needed to actually confirm the user's admin level. I've included a test script that demonstrates the difference.
Here is my question: When a compiled scripts runs with administrative rights, does a script that it runs inherit those rights? Or is every script on its own? For example,
Parent Script ... (doesn't need admin rights) ... that runs:
Child Script ... that does need admin rights, and obtains them via #RequireAdmin + user's response ... and then runs:
2nd Child Script ...<< does this script execute with admin rights, or not?
If a script does not automatically inherit rights, then is there a way for a parent script that has admin rights to run a child script "with rights", so that running the child script does not result in another prompt for user permission?
Thanks in advance for any help.
;#RequireAdmin ; enable or disable this line to see the difference $AdCheck = IsAdmin() MsgBox(0, "Admin Test", "Admin is " & $AdCheck) $AdCheck = _IsAdministrator() MsgBox(0, "Admin Test", "Admin is " & $AdCheck) Exit Func _IsAdministrator($sUser = @UserName, $sCompName = ".") Local $aCall = DllCall("netapi32.dll", "long", "NetUserGetInfo", "wstr", $sCompName, "wstr", $sUser, "dword", 1, "ptr*", 0) If @error Or $aCall Then Return SetError(1, 0, False) Local $fPrivAdmin = DllStructGetData(DllStructCreate("ptr;ptr;dword;dword;ptr;ptr;dword;ptr", $aCall), 4) = 2 DllCall("netapi32.dll", "long", "NetApiBufferFree", "ptr", $aCall) Return $fPrivAdmin EndFunc