JohnOne Posted September 8, 2014 Share Posted September 8, 2014 So it seems like there is no way to do what I am trying to do here. Is that a fair assumption?If you want a non admin user to be able to run admin scripts/programs on a windows vista or 7 machine without running as a different admin user with supplied admin password of said admin user then yes.You might try looking at >UAC Pass to see if that helps.Only helps bypass UAC though, not elevating normal user to admin. AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
BrewManNH Posted September 8, 2014 Share Posted September 8, 2014 And thank the software Gods that you can't run it that way. If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag GudeHow to ask questions the smart way! I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from. Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays. - ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script. - Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label. - _FileGetProperty - Retrieve the properties of a file - SciTE Toolbar - A toolbar demo for use with the SciTE editor - GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI. - Latin Square password generator Link to comment Share on other sites More sharing options...
jguinch Posted September 8, 2014 Share Posted September 8, 2014 (edited) Is it acceptable for your users to have the UAC Administrator User Prompt to accept the program starts (without having to enter credentials) ? Edited September 8, 2014 by jguinch Spoiler Network configuration UDF, _DirGetSizeByExtension, _UninstallList Firefox ConfigurationArray multi-dimensions, Printer Management UDF Link to comment Share on other sites More sharing options...
koons Posted September 9, 2014 Author Share Posted September 9, 2014 Is it acceptable for your users to have the UAC Administrator User Prompt to accept the program starts (without having to enter credentials) ? As long as they don't have to enter any admin credentials, I'm ok with that. It's fine if they get a pop up where they have to click on Yes or OK. Link to comment Share on other sites More sharing options...
jguinch Posted September 9, 2014 Share Posted September 9, 2014 (edited) Can you try this code (of course, change $username, $password and $domain ? expandcollapse popup#pragma compile(AutoItExecuteAllowed, True) $username = "jguinch" $password = "P@$$w0rd!" $domain = @ComputerName _RunAsElevate($username, $domain, $password, 0, "notepad.exe", @WindowsDir, "") Func _RunAsElevate($sUsername,$sDomain, $sPassword, $iLogonFlag, $sProgram, $sWorkingDir = @SystemDir, $iShowFlag = "") Local $sLauncher Local $sWritableDir = @AppDataCommonDir ; Writable folder for all users Local $sFileTemp = $sWritableDir & "\myScript.au3" ; an AutoIt script that will be launched with the specified account ; Code to write to the launcher Local $sCommand = "#RequireAdmin" & @CRLF & _ "Run ( '" & $sProgram & "', '" & $sWorkingDir & "'" & ( $iShowFlag ? ", " & $iShowFlag : "") & ")" ; Write code Local $hFile = FileOpen($sFileTemp, 2) Local $iRet = FileWrite($sFileTemp, $sCommand) FileClose($hFile) If $iRet = 0 Then Return SetError(1, 0, 0) If @Compiled Then $iRet = FileCopy( @ScriptFullPath, $sWritableDir & "\" & @ScriptName, 1) ; Copy of the compiled, to prevent any denied access If $iRet = 0 Then FileDelete($sFileTemp) Return SetError(1, 0, 0) EndIf $sLauncher = $sWritableDir & "\" & @ScriptName Else $sLauncher = @AutoItExe EndIf ; Starting the launcher with the specified account. ; If the specified account is an admin type, the user will be prompted to allow the program execution ; If the specified account is NOT an admin type, the user will be prompted to enter admin credentials RunAsWait($sUsername, $sDomain, $sPassword, $iLogonFlag, $sLauncher & ' /AutoIt3ExecuteScript "' & $sFileTemp & '"') ; Deletes the launcher FileDelete($sFileTemp) FileDelete($sLauncher) EndFunc Edited September 9, 2014 by jguinch Spoiler Network configuration UDF, _DirGetSizeByExtension, _UninstallList Firefox ConfigurationArray multi-dimensions, Printer Management UDF Link to comment Share on other sites More sharing options...
koons Posted September 9, 2014 Author Share Posted September 9, 2014 (edited) Not to sound dumb, but where would I insert this into my code? And yes, I did know to change the credentials at least. Give me a little credit. Edit: I assume the function would have to run under "Case $UpdateButton" below the "If Not IsAdmin" part? Edited September 9, 2014 by koons Link to comment Share on other sites More sharing options...
jguinch Posted September 9, 2014 Share Posted September 9, 2014 (edited) Well : Add #pragma compile(AutoItExecuteAllowed, True) at the top of the script Replace RunAs by the _RunAsElevate line Add the Func _RunAsElevate where you want Edited September 9, 2014 by jguinch Spoiler Network configuration UDF, _DirGetSizeByExtension, _UninstallList Firefox ConfigurationArray multi-dimensions, Printer Management UDF Link to comment Share on other sites More sharing options...
koons Posted September 9, 2014 Author Share Posted September 9, 2014 (edited) Well that seems promising. It appears to elevate the command but it throws back an error. Line 0 (File "C:ProgramDatamyScript.au3"): Error: Error opening the file. Now on my system, I'm an admin and I got that error the first time I ran it. But I tried it a second time and it works. The standard user keeps getting the above error. Edited September 9, 2014 by koons Link to comment Share on other sites More sharing options...
koons Posted September 9, 2014 Author Share Posted September 9, 2014 (edited) Hmmm, so for testing purposes, I copied the myScript.au3 that was created in my C:ProgramData folder to the user's C:ProgramData folder and ran the .exe again but it worked this time. So for some reason the script isn't creating that myScript.au3 file in the user's ProgramData folder. Any clues as to what could cause that? Could I change the @AppDataCommonDir to @UserProfileDir to ensure the user has full rights to the directory? Edited September 9, 2014 by koons Link to comment Share on other sites More sharing options...
jguinch Posted September 9, 2014 Share Posted September 9, 2014 You must replace the value of $sWritableDir by a writable path for the user, and accessible by the specified admin. Spoiler Network configuration UDF, _DirGetSizeByExtension, _UninstallList Firefox ConfigurationArray multi-dimensions, Printer Management UDF Link to comment Share on other sites More sharing options...
koons Posted September 9, 2014 Author Share Posted September 9, 2014 I feel like it is so close. Here is the full script I have now. expandcollapse popup#pragma compile(AutoItExecuteAllowed, True) #include <ButtonConstants.au3> #include <GUIConstantsEx.au3> #include <ListViewConstants.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> #include <file.au3> #include <array.au3> #include <GuiListView.au3> Func _RunAsElevate($sUsername,$sDomain, $sPassword, $iLogonFlag, $sProgram, $sWorkingDir = @SystemDir, $iShowFlag = "") Local $sLauncher Local $sWritableDir = @AppDataCommonDir ; Writable folder for all users Local $sFileTemp = $sWritableDir & "\myScript.au3" ; an AutoIt script that will be launched with the specified account ; Code to write to the launcher Local $sCommand = "#RequireAdmin" & @CRLF & _ "Run ( '" & $sProgram & "', '" & $sWorkingDir & "'" & ( $iShowFlag ? ", " & $iShowFlag : "") & ")" ; Write code Local $hFile = FileOpen($sFileTemp, 2) Local $iRet = FileWrite($sFileTemp, $sCommand) FileClose($hFile) If $iRet = 0 Then Return SetError(1, 0, 0) If @Compiled Then $iRet = FileCopy( @ScriptFullPath, $sWritableDir & "\" & @ScriptName, 1) ; Copy of the compiled, to prevent any denied access If $iRet = 0 Then FileDelete($sFileTemp) Return SetError(1, 0, 0) EndIf $sLauncher = $sWritableDir & "\" & @ScriptName Else $sLauncher = @AutoItExe EndIf ; Starting the launcher with the specified account. ; If the specified account is an admin type, the user will be prompted to allow the program execution ; If the specified account is NOT an admin type, the user will be prompted to enter admin credentials RunAsWait($sUsername, $sDomain, $sPassword, $iLogonFlag, $sLauncher & ' /AutoIt3ExecuteScript "' & $sFileTemp & '"') ; Deletes the launcher FileDelete($sFileTemp) FileDelete($sLauncher) EndFunc #Region ### START Koda GUI section ### Form=c:\documents and settings\andrew.mclean\my documents\scripts\idsupdater\idsupdater.kxf $IDSUpdaterForm = GUICreate("IDS Updater", 633, 447, 1584, 161) GUISetBkColor(0xA6CAF0) $IDSUpdaterTitle = GUICtrlCreateLabel("IDS Updater 2.0", 179, 24, 275, 49) GUICtrlSetFont(-1, 30, 800, 4, "Garamond") GUICtrlSetColor(-1, 0x000000) $Directions1 = GUICtrlCreateLabel("Please select the update you wish to install from the below list", 85, 104, 463, 25) GUICtrlSetFont(-1, 14, 400, 0, "Times New Roman") $Directions2 = GUICtrlCreateLabel(" and hit the Update button.", 217, 136, 203, 25) GUICtrlSetFont(-1, 14, 400, 0, "Times New Roman") GUISetState(@SW_SHOW) $AvailableUpdatesList = GUICtrlCreateListView("", 118, 165, 401, 160) GUICtrlSetFont(-1, 10, 400, 0, "Times New Roman") GUICtrlSetCursor (-1, 0) _GUICtrlListView_AddColumn($AvailableUpdatesList,"Available updates",397) $FileList=_FileListToArray("\\domain.com\apps\IDS","*.exe") If @error=1 Then MsgBox(0,"","No folders found.") Exit EndIf If @error=4 Then MsgBox(0,"","No files found.") Exit EndIf Dim $a_lv_array[$FileList[0]][1] For $i = 1 To $FileList[0] $a_lv_array[$i - 1][0] = $FileList[$i] Next _GUICtrlListView_AddArray($AvailableUpdatesList,$a_lv_array) $UpdateButton = GUICtrlCreateButton("Update", 120, 360, 153, 41, $WS_GROUP) GUICtrlSetFont(-1, 12, 800, 0, "Times New Roman") $CancelButton = GUICtrlCreateButton("Cancel", 440, 360, 81, 41, $WS_GROUP) GUICtrlSetFont(-1, 12, 800, 0, "Times New Roman") $Directions3 = GUICtrlCreateLabel("After clicking Update, there will be a delay while file is downloading.", 110, 410, 463, 25) GUICtrlSetFont(-1, 9, 400, 0, "Times New Roman") GUISetState() #EndRegion ### END Koda GUI section ### While 1 $nMsg = GUIGetMsg() WinMove("IDS Updater","",100,100) Switch $nMsg Case $GUI_EVENT_CLOSE Exit Case $CancelButton Exit Case $UpdateButton Local $sUserName = "admin" Local $sDomainName = "domain.com" Local $sPassword = "secret" Local $sSelected = _GUICtrlListView_GetItemText($AvailableUpdatesList,number(_GUICtrlListView_GetSelectedIndices($AvailableUpdatesList))) If Not IsAdmin() Then _RunAsElevate($sUserName, $sDomainName, $sPassword, 0, "\\domain.com\apps\IDS\" & $sSelected, @WindowsDir, "") Else MsgBox(0,"Silly goose.","You're an admin. You don't need to run this.") EndIf Sleep(200) Exit EndSwitch WEnd Link to comment Share on other sites More sharing options...
willichan Posted September 10, 2014 Share Posted September 10, 2014 Only helps bypass UAC though, not elevating normal user to admin. But couldn't you use RunAs() without password prompts or UAC prompts in this case, since the script would be running as System? My UDFs: Barcode Libraries, Automate creation of any type of project folder, File Locking with Cooperative Semaphores, Inline binary files, Continue script after reboot, WinWaitMulti, Name Aggregator, Enigma, CornedBeef Hash Link to comment Share on other sites More sharing options...
JohnOne Posted September 10, 2014 Share Posted September 10, 2014 I don't think the OP want's users to have admin password. AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
koons Posted September 10, 2014 Author Share Posted September 10, 2014 We are trying to give standard users without admin rights the ability to run a few .exe files without us having to enter credentials. Link to comment Share on other sites More sharing options...
JohnOne Posted September 10, 2014 Share Posted September 10, 2014 So you are OK with having password in script? AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
koons Posted September 10, 2014 Author Share Posted September 10, 2014 Yes. Link to comment Share on other sites More sharing options...
JohnOne Posted September 10, 2014 Share Posted September 10, 2014 Then why can you not just RunAs(...) with admin password? AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
jguinch Posted September 10, 2014 Share Posted September 10, 2014 I have an other idea, simplest : Build an exe file (call it elevate.exe) from this code : #RequireAdmin #NoTrayIcon If $CmdLine[0] <> 1 AND $CmdLine[0] <> 3 Then Exit Local $sWorkingDir = @WorkingDir Local $sProgram = $CmdLine[1] If $CmdLine[0] = 3 AND $CmdLine[2] = "-w" Then $sWorkingDir = $CmdLine[3] Run($sProgram, $sWorkingDir) Copy manually the generated elevate.exe in you Windows directory (@WindowsDir) - on the user's computer. Now, from your script, you can run as admin user AND elevate privileges your program, using : RunAs($username, $domain, $password, 0,"elevate.exe "you program.exe" -w "c:\the working directory") Do you understand what I mean ? Spoiler Network configuration UDF, _DirGetSizeByExtension, _UninstallList Firefox ConfigurationArray multi-dimensions, Printer Management UDF Link to comment Share on other sites More sharing options...
koons Posted September 15, 2014 Author Share Posted September 15, 2014 jguinch, I appreciate all your help so far. I am unable to build the elevate.exe file from your code. Is there some syntax missing? Link to comment Share on other sites More sharing options...
jguinch Posted September 15, 2014 Share Posted September 15, 2014 No, just copy/paste it in a new file and then compile it. I cannot help you more for the compilation... Spoiler Network configuration UDF, _DirGetSizeByExtension, _UninstallList Firefox ConfigurationArray multi-dimensions, Printer Management UDF Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now