Jump to content

Running file as admin in Win 7 vs XP


koons
 Share

Recommended Posts

So it seems like there is no way to do what I am trying to do here.  Is that a fair assumption?

If you want a non admin user to be able to run admin scripts/programs on a windows vista or 7 machine without running as a different admin user with supplied admin password of said admin user then yes.

You might try looking at >UAC Pass to see if that helps.

Only helps bypass UAC though, not elevating normal user to admin.

AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Link to comment
Share on other sites

  • Replies 57
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

And thank the software Gods that you can't run it that way.

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Link to comment
Share on other sites

Is it acceptable for your users to have the UAC Administrator User Prompt to accept the program starts (without having to enter credentials) ?

Edited by jguinch
Link to comment
Share on other sites

Can you try this code (of course, change $username, $password and $domain :) ?

#pragma compile(AutoItExecuteAllowed, True)


$username = "jguinch"
$password = "P@$$w0rd!"
$domain = @ComputerName

_RunAsElevate($username, $domain, $password, 0, "notepad.exe", @WindowsDir, "")







Func _RunAsElevate($sUsername,$sDomain, $sPassword, $iLogonFlag, $sProgram, $sWorkingDir = @SystemDir, $iShowFlag = "")
   Local $sLauncher
   Local $sWritableDir = @AppDataCommonDir ; Writable folder for all users
   Local $sFileTemp = $sWritableDir & "\myScript.au3" ; an AutoIt script that will be launched with the specified account

   ; Code to write to the launcher
   Local $sCommand  = "#RequireAdmin" & @CRLF & _
                      "Run ( '" & $sProgram & "', '" & $sWorkingDir & "'" & ( $iShowFlag ? ", " & $iShowFlag : "")  & ")"

   ; Write code
   Local $hFile = FileOpen($sFileTemp, 2)
   Local $iRet = FileWrite($sFileTemp, $sCommand)
   FileClose($hFile)
   If $iRet = 0 Then Return SetError(1, 0, 0)

   If @Compiled Then
      $iRet = FileCopy( @ScriptFullPath, $sWritableDir & "\" & @ScriptName, 1) ; Copy of the compiled, to prevent any denied access
      If $iRet = 0 Then
         FileDelete($sFileTemp)
         Return SetError(1, 0, 0)
      EndIf


      $sLauncher = $sWritableDir & "\" & @ScriptName
   Else
      $sLauncher = @AutoItExe
   EndIf

   ; Starting the launcher with the specified account.
   ; If the specified account is an admin type, the user will be prompted to allow the program execution
   ; If the specified account is NOT an admin type, the user will be prompted to enter admin credentials
   RunAsWait($sUsername, $sDomain, $sPassword, $iLogonFlag, $sLauncher & ' /AutoIt3ExecuteScript "' & $sFileTemp & '"')

   ; Deletes the launcher
   FileDelete($sFileTemp)
   FileDelete($sLauncher)
EndFunc
Edited by jguinch
Link to comment
Share on other sites

Not to sound dumb, but where would I insert this into my code?  

And yes, I did know to change the credentials at least.  Give me a little credit.   ;)   

 

Edit:  I assume the function would have to run under "Case $UpdateButton" below the "If Not IsAdmin" part?

Edited by koons
Link to comment
Share on other sites

Well :

Add #pragma compile(AutoItExecuteAllowed, True) at the top of the script

Replace RunAs by the _RunAsElevate line

Add the Func _RunAsElevate where you want

Edited by jguinch
Link to comment
Share on other sites

Well that seems promising.  It appears to elevate the command but it throws back an error.

Line 0 (File "C:ProgramDatamyScript.au3"):

Error: Error opening the file.

 

 

Now on my system, I'm an admin and I got that error the first time I ran it.  But I tried it a second time and it works.  The standard user keeps getting the above error.

Edited by koons
Link to comment
Share on other sites

Hmmm, so for testing purposes, I copied the myScript.au3 that was created in my C:ProgramData folder to the user's C:ProgramData folder and ran the .exe again but it worked this time.  So for some reason the script isn't creating that myScript.au3 file in the user's ProgramData folder.  Any clues as to what could cause that?

 

Could I change the @AppDataCommonDir to @UserProfileDir to ensure the user has full rights to the directory?

Edited by koons
Link to comment
Share on other sites

I feel like it is so close.  Here is the full script I have now.

#pragma compile(AutoItExecuteAllowed, True)

#include <ButtonConstants.au3>
#include <GUIConstantsEx.au3>
#include <ListViewConstants.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
#include <file.au3>
#include <array.au3>
#include <GuiListView.au3>


Func _RunAsElevate($sUsername,$sDomain, $sPassword, $iLogonFlag, $sProgram, $sWorkingDir = @SystemDir, $iShowFlag = "")
   Local $sLauncher
   Local $sWritableDir = @AppDataCommonDir ; Writable folder for all users
   Local $sFileTemp = $sWritableDir & "\myScript.au3" ; an AutoIt script that will be launched with the specified account

   ; Code to write to the launcher
   Local $sCommand  = "#RequireAdmin" & @CRLF & _
                      "Run ( '" & $sProgram & "', '" & $sWorkingDir & "'" & ( $iShowFlag ? ", " & $iShowFlag : "")  & ")"

   ; Write code
   Local $hFile = FileOpen($sFileTemp, 2)
   Local $iRet = FileWrite($sFileTemp, $sCommand)
   FileClose($hFile)
   If $iRet = 0 Then Return SetError(1, 0, 0)

   If @Compiled Then
      $iRet = FileCopy( @ScriptFullPath, $sWritableDir & "\" & @ScriptName, 1) ; Copy of the compiled, to prevent any denied access
      If $iRet = 0 Then
         FileDelete($sFileTemp)
         Return SetError(1, 0, 0)
      EndIf


      $sLauncher = $sWritableDir & "\" & @ScriptName
   Else
      $sLauncher = @AutoItExe
   EndIf

   ; Starting the launcher with the specified account.
   ; If the specified account is an admin type, the user will be prompted to allow the program execution
   ; If the specified account is NOT an admin type, the user will be prompted to enter admin credentials
   RunAsWait($sUsername, $sDomain, $sPassword, $iLogonFlag, $sLauncher & ' /AutoIt3ExecuteScript "' & $sFileTemp & '"')

   ; Deletes the launcher
   FileDelete($sFileTemp)
   FileDelete($sLauncher)
EndFunc


#Region ### START Koda GUI section ### Form=c:\documents and settings\andrew.mclean\my documents\scripts\idsupdater\idsupdater.kxf
$IDSUpdaterForm = GUICreate("IDS Updater", 633, 447, 1584, 161)
    GUISetBkColor(0xA6CAF0)
$IDSUpdaterTitle = GUICtrlCreateLabel("IDS Updater 2.0", 179, 24, 275, 49)
    GUICtrlSetFont(-1, 30, 800, 4, "Garamond")
    GUICtrlSetColor(-1, 0x000000)
$Directions1 = GUICtrlCreateLabel("Please select the update you wish to install from the below list", 85, 104, 463, 25)
    GUICtrlSetFont(-1, 14, 400, 0, "Times New Roman")
$Directions2 = GUICtrlCreateLabel(" and hit the Update button.", 217, 136, 203, 25)
    GUICtrlSetFont(-1, 14, 400, 0, "Times New Roman")
    GUISetState(@SW_SHOW)
$AvailableUpdatesList = GUICtrlCreateListView("", 118, 165, 401, 160)
    GUICtrlSetFont(-1, 10, 400, 0, "Times New Roman")
    GUICtrlSetCursor (-1, 0)
    _GUICtrlListView_AddColumn($AvailableUpdatesList,"Available updates",397)
$FileList=_FileListToArray("\\domain.com\apps\IDS","*.exe")
    If @error=1 Then
        MsgBox(0,"","No folders found.")
        Exit
    EndIf
    If @error=4 Then
        MsgBox(0,"","No files found.")
        Exit
    EndIf
    Dim $a_lv_array[$FileList[0]][1]
    For $i = 1 To $FileList[0]
        $a_lv_array[$i - 1][0] = $FileList[$i]
    Next
    _GUICtrlListView_AddArray($AvailableUpdatesList,$a_lv_array)
$UpdateButton = GUICtrlCreateButton("Update", 120, 360, 153, 41, $WS_GROUP)
    GUICtrlSetFont(-1, 12, 800, 0, "Times New Roman")
$CancelButton = GUICtrlCreateButton("Cancel", 440, 360, 81, 41, $WS_GROUP)
    GUICtrlSetFont(-1, 12, 800, 0, "Times New Roman")
$Directions3 = GUICtrlCreateLabel("After clicking Update, there will be a delay while file is downloading.", 110, 410, 463, 25)
    GUICtrlSetFont(-1, 9, 400, 0, "Times New Roman")
GUISetState()
#EndRegion ### END Koda GUI section ###

While 1
    $nMsg = GUIGetMsg()
    WinMove("IDS Updater","",100,100)
    Switch $nMsg
        Case $GUI_EVENT_CLOSE
            Exit
        Case $CancelButton
            Exit
        Case $UpdateButton
            Local $sUserName = "admin"
            Local $sDomainName = "domain.com"
            Local $sPassword = "secret"
            Local $sSelected = _GUICtrlListView_GetItemText($AvailableUpdatesList,number(_GUICtrlListView_GetSelectedIndices($AvailableUpdatesList)))
            If Not IsAdmin() Then
                _RunAsElevate($sUserName, $sDomainName, $sPassword, 0, "\\domain.com\apps\IDS\" & $sSelected, @WindowsDir, "")
            Else
                MsgBox(0,"Silly goose.","You're an admin.  You don't need to run this.")
            EndIf
            Sleep(200)
            Exit
    EndSwitch
 WEnd
Link to comment
Share on other sites

Only helps bypass UAC though, not elevating normal user to admin.

But couldn't you use RunAs() without password prompts or UAC prompts in this case, since the script would be running as System?

Link to comment
Share on other sites

I have an other idea, simplest :

Build an exe file (call it elevate.exe) from this code :

#RequireAdmin
#NoTrayIcon

If $CmdLine[0] <> 1 AND $CmdLine[0] <> 3 Then Exit

Local $sWorkingDir = @WorkingDir

Local $sProgram = $CmdLine[1]
If $CmdLine[0] = 3 AND $CmdLine[2] = "-w" Then $sWorkingDir = $CmdLine[3]

Run($sProgram, $sWorkingDir)

Copy manually the generated elevate.exe in you Windows directory (@WindowsDir) - on the user's computer.

Now, from your script, you can run as admin user AND elevate privileges your program, using :

RunAs($username, $domain, $password, 0,"elevate.exe "you program.exe" -w "c:\the working directory")

Do you understand what I mean ?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...