koons Posted September 8, 2014 Share Posted September 8, 2014 (edited) Hi there everyone. Haven't posted here in a long time and I could use some assistance again. Previously, I created a script with some help from this forum that allows non-admin users to pulls a list of .exe files from a server. They can then select one of the .exe files and it will run it with administrator rights. It works perfectly in Windows XP, but not in Windows 7. In Windows 7, if I right click the .exe I created from the script and select "Run as administrator" it will work. But that defeats the purpose of allowing the user without admin rights to be able to run it. Any help would be greatly appreciated. expandcollapse popup#include <ButtonConstants.au3> #include <GUIConstantsEx.au3> #include <ListViewConstants.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> #include <file.au3> #include <array.au3> #include <GuiListView.au3> #Region ### START Koda GUI section ### Form=c:\documents and settings\Admin\my documents\scripts\idsupdater\idsupdater.kxf $IDSUpdaterForm = GUICreate("IDS Updater", 633, 447, 1584, 161) GUISetBkColor(0xA6CAF0) $IDSUpdaterTitle = GUICtrlCreateLabel("IDS Updater 2.0", 179, 24, 275, 49) GUICtrlSetFont(-1, 30, 800, 4, "Garamond") GUICtrlSetColor(-1, 0x000000) $Directions1 = GUICtrlCreateLabel("Please select the update you wish to install from the below list", 85, 104, 463, 25) GUICtrlSetFont(-1, 14, 400, 0, "Times New Roman") $Directions2 = GUICtrlCreateLabel(" and hit the Update button.", 217, 136, 203, 25) GUICtrlSetFont(-1, 14, 400, 0, "Times New Roman") GUISetState(@SW_SHOW) $AvailableUpdatesList = GUICtrlCreateListView("", 118, 165, 401, 160) GUICtrlSetFont(-1, 10, 400, 0, "Times New Roman") GUICtrlSetCursor (-1, 0) _GUICtrlListView_AddColumn($AvailableUpdatesList,"Available updates",397) $FileList=_FileListToArray("\\domain.com\apps\IDS","*.exe") If @error=1 Then MsgBox(0,"","No folders found.") Exit EndIf If @error=4 Then MsgBox(0,"","No files found.") Exit EndIf Dim $a_lv_array[$FileList[0]][1] For $i = 1 To $FileList[0] $a_lv_array[$i - 1][0] = $FileList[$i] Next _GUICtrlListView_AddArray($AvailableUpdatesList,$a_lv_array) $UpdateButton = GUICtrlCreateButton("Update", 120, 360, 153, 41, $WS_GROUP) GUICtrlSetFont(-1, 12, 800, 0, "Times New Roman") $CancelButton = GUICtrlCreateButton("Cancel", 440, 360, 81, 41, $WS_GROUP) GUICtrlSetFont(-1, 12, 800, 0, "Times New Roman") $Directions3 = GUICtrlCreateLabel("After clicking Update, there will be a delay while file is downloading.", 110, 410, 463, 25) GUICtrlSetFont(-1, 9, 400, 0, "Times New Roman") GUISetState() #EndRegion ### END Koda GUI section ### While 1 $nMsg = GUIGetMsg() WinMove("IDS Updater","",100,100) Switch $nMsg Case $GUI_EVENT_CLOSE Exit Case $CancelButton Exit Case $UpdateButton Local $sUserName = "Admin" Local $sDomainName = "domain.com" Local $sPassword = "secret" Local $sSelected = _GUICtrlListView_GetItemText($AvailableUpdatesList,number(_GUICtrlListView_GetSelectedIndices($AvailableUpdatesList))) If Not IsAdmin() Then RunAs($sUserName,$sDomainName,$sPassword,0,"\\domain.com\apps\IDS\" & $sSelected) Else MsgBox(0,"Silly goose.","You're an admin. You don't need to run this.") EndIf Sleep(200) Exit EndSwitch WEnd Edited September 8, 2014 by koons Link to comment Share on other sites More sharing options...
MikahS Posted September 8, 2014 Share Posted September 8, 2014 (edited) Look at the: RunAs() function thank you for adding your script Edited September 8, 2014 by MikahS Snips & Scripts My Snips: graphCPUTemp ~ getENVvarsMy Scripts: Short-Order Encrypter - message and file encryption V1.6.1 ~ AuPad - Notepad written entirely in AutoIt V1.9.4 Feel free to use any of my code for your own use. Forum FAQ Link to comment Share on other sites More sharing options...
JohnOne Posted September 8, 2014 Share Posted September 8, 2014 The reason is, simply put, because Windows 7 is more secure than Windows XP, and is designed to disallow such hazardous operations to take place. AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
jguinch Posted September 8, 2014 Share Posted September 8, 2014 Did you try #RequireAdmin at the beginning of your script ? Spoiler Network configuration UDF, _DirGetSizeByExtension, _UninstallList Firefox ConfigurationArray multi-dimensions, Printer Management UDF Link to comment Share on other sites More sharing options...
MikahS Posted September 8, 2014 Share Posted September 8, 2014 Did you try #RequireAdmin at the beginning of your script ? They are trying to run programs without admin rights. Snips & Scripts My Snips: graphCPUTemp ~ getENVvarsMy Scripts: Short-Order Encrypter - message and file encryption V1.6.1 ~ AuPad - Notepad written entirely in AutoIt V1.9.4 Feel free to use any of my code for your own use. Forum FAQ Link to comment Share on other sites More sharing options...
koons Posted September 8, 2014 Author Share Posted September 8, 2014 Thanks for checking my post out. We are trying to allow users to run these .exe files without admin rights. And I am by no means a programmer, so any help would be much appreciated. Link to comment Share on other sites More sharing options...
jguinch Posted September 8, 2014 Share Posted September 8, 2014 #RequireAdmin does not execute the program with admin rights, it "just" executes the program with elevate privileges. It is the same thing than "Run as administrator" option in the context menu. RunAs executes a program with different credentials, but need an elevation of privileges if the program requires it (eg : diskpart, regedit...) With UAC enabled, RunAs needs #RequireAdmin to execute a program with full rights (except for the builtin administrator account, which seems to not be affected by the UAC prompt) Spoiler Network configuration UDF, _DirGetSizeByExtension, _UninstallList Firefox ConfigurationArray multi-dimensions, Printer Management UDF Link to comment Share on other sites More sharing options...
MikahS Posted September 8, 2014 Share Posted September 8, 2014 #RequireAdmin does not execute the program with admin rights, it "just" executes the program with elevate privileges. It is the same thing than "Run as administrator" option in the context menu. RunAs executes a program with different credentials, but need an elevation of privileges if the program requires it (eg : diskpart, regedit...) With UAC enabled, RunAs needs #RequireAdmin to execute a program with full rights (except for the builtin administrator account, which seems to not be affected by the UAC prompt) Thank you for that information jguinch, very nice. I'm sure that will be OP's solution if I'm not mistaken. Snips & Scripts My Snips: graphCPUTemp ~ getENVvarsMy Scripts: Short-Order Encrypter - message and file encryption V1.6.1 ~ AuPad - Notepad written entirely in AutoIt V1.9.4 Feel free to use any of my code for your own use. Forum FAQ Link to comment Share on other sites More sharing options...
koons Posted September 8, 2014 Author Share Posted September 8, 2014 Oh, I did not realize that but it sounds like that line could fix the problem. Where would this be inserted into the script? Link to comment Share on other sites More sharing options...
MikahS Posted September 8, 2014 Share Posted September 8, 2014 Top of your script either before or after your includes Snips & Scripts My Snips: graphCPUTemp ~ getENVvarsMy Scripts: Short-Order Encrypter - message and file encryption V1.6.1 ~ AuPad - Notepad written entirely in AutoIt V1.9.4 Feel free to use any of my code for your own use. Forum FAQ Link to comment Share on other sites More sharing options...
JohnOne Posted September 8, 2014 Share Posted September 8, 2014 If you mean adding #RequireAdmin to your script, the user will need admin rights. AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
MikahS Posted September 8, 2014 Share Posted September 8, 2014 (edited) If you mean adding #RequireAdmin to your script, the user will need admin rights. Are you saying jguinch is wrong? If so, please clarify. As now I'm thinking they are wrong.. EDIT: I don't have any way to test this at the moment.. Edited September 8, 2014 by MikahS Snips & Scripts My Snips: graphCPUTemp ~ getENVvarsMy Scripts: Short-Order Encrypter - message and file encryption V1.6.1 ~ AuPad - Notepad written entirely in AutoIt V1.9.4 Feel free to use any of my code for your own use. Forum FAQ Link to comment Share on other sites More sharing options...
JohnOne Posted September 8, 2014 Share Posted September 8, 2014 If you have #RequireAdmin in your script either compiled or otherwise in Win7 the user of that script will need to have admin rights in order for it to run. AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
MikahS Posted September 8, 2014 Share Posted September 8, 2014 If you have #RequireAdmin in your script either compiled or otherwise in Win7 the user of that script will need to have admin rights in order for it to run. Good deal, I was correct (in my own head). So, essentially on win 7 the OP's question is irrelevant because this is impossible without admin rights? Snips & Scripts My Snips: graphCPUTemp ~ getENVvarsMy Scripts: Short-Order Encrypter - message and file encryption V1.6.1 ~ AuPad - Notepad written entirely in AutoIt V1.9.4 Feel free to use any of my code for your own use. Forum FAQ Link to comment Share on other sites More sharing options...
koons Posted September 8, 2014 Author Share Posted September 8, 2014 So I added that line. Now it appears to be running elevated, but it is requiring admin credentials which is what we are trying to avoid. Link to comment Share on other sites More sharing options...
JohnOne Posted September 8, 2014 Share Posted September 8, 2014 (edited) I never use the term impossible on a coding/scripting board, it invites all kinds of characters. But I will say that in order to run a script or other program which requires admin or other elevated right, the user must have equal to or above the specified rights. That is Win 7 decent security measures. Edited September 8, 2014 by JohnOne AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
MikahS Posted September 8, 2014 Share Posted September 8, 2014 I agree, my apologies. Hmm, maybe running an elevated cmd prompt would do this. But, that is with giving it admin rights. Snips & Scripts My Snips: graphCPUTemp ~ getENVvarsMy Scripts: Short-Order Encrypter - message and file encryption V1.6.1 ~ AuPad - Notepad written entirely in AutoIt V1.9.4 Feel free to use any of my code for your own use. Forum FAQ Link to comment Share on other sites More sharing options...
willichan Posted September 8, 2014 Share Posted September 8, 2014 You might try looking at >UAC Pass to see if that helps. My UDFs: Barcode Libraries, Automate creation of any type of project folder, File Locking with Cooperative Semaphores, Inline binary files, Continue script after reboot, WinWaitMulti, Name Aggregator, Enigma, CornedBeef Hash Link to comment Share on other sites More sharing options...
jguinch Posted September 8, 2014 Share Posted September 8, 2014 Sorry for the confusion. I wrote to fast. JohnOne is right : #RequireAdmin prompts the user to enter credentials of an adminitrator user if the user is not an administrator group member. Against, if the user is member of an administrator group, the prompt is just to validate the elevation. Spoiler Network configuration UDF, _DirGetSizeByExtension, _UninstallList Firefox ConfigurationArray multi-dimensions, Printer Management UDF Link to comment Share on other sites More sharing options...
koons Posted September 8, 2014 Author Share Posted September 8, 2014 So it seems like there is no way to do what I am trying to do here. Is that a fair assumption? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now