Sign in to follow this  
Followers 0
Traskiz

Windows 10 RunAs script problem

12 posts in this topic

Hello,

 

I have a problem, I cant run script as administrator in Windows 10:

main.exe:

RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'EnableBITSMaxBandwidth','REG_DWORD',Number('1'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxTransferRateOnSchedule','REG_DWORD',Number('100'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxBandwidthValidFrom','REG_DWORD',Number('7'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxBandwidthValidTo','REG_DWORD',Number('22'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'UseSystemMaximum','REG_DWORD',Number('1'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxTransferRateOffSchedule','REG_DWORD',Number('400'))

run.exe:

Global $sUserName = "administrator"
Global $sPassword = "pass"
Global $sDomain = "domain"
RunAsWait($sUserName, $sDomain, $sPassword, 2, "main.exe", "", @TempDir)

If I run "run.exe" it dont work...

If  I change main.exe to this:

msgbox(1,"",@username)        

and it runs and shows administrator in message box... but it cant elevate main.exe with RegWrite() command...

 

I tried using #RequireAdmin in first line of main.exe, but it not worked... UAC is set to "do not notify"

 

 

This method of elevation worked on Windows 7 and Windows XP...

Please help!

Share this post


Link to post
Share on other sites



It's a x64 OS? From helpfile Running the 32-bit version of AutoIt on a x64 System

Quote

For registry interaction, use HKCR64 or HKLM64 to bypass the redirection mechanism see Registry Functions documentation.

 

Share this post


Link to post
Share on other sites
6 minutes ago, AutoBert said:

It's a x64 OS? From helpfile Running the 32-bit version of AutoIt on a x64 System

 

It's x64 OS. So I must compile to x64 autoit script?

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

Compiled  main.exe as x64 runs without any changes on x64 OS. With the suggested changes from helpfile it runs on x86 and x64 OS.

Edited by AutoBert

Share this post


Link to post
Share on other sites
38 minutes ago, AutoBert said:

Compiled  main.exe as x64 runs without any changes on x64 OS. With the suggested changes from helpfile it runs on x86 and x64 OS.

I dont understand how to fix it. What i have to do? main.exe works when I log in with administrator, but I want to Elevate standart user to execute main.exe with run.exe, but that dont work...

Share this post


Link to post
Share on other sites

Insert IsAdmin in main.au3 for checking the elevation is done.

Share this post


Link to post
Share on other sites
6 minutes ago, AutoBert said:

Insert IsAdmin in main.au3 for checking the elevation is done.

main.exe:

If IsAdmin() Then
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'EnableBITSMaxBandwidth','REG_DWORD',Number('1'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxTransferRateOnSchedule','REG_DWORD',Number('100'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxBandwidthValidFrom','REG_DWORD',Number('7'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxBandwidthValidTo','REG_DWORD',Number('22'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'UseSystemMaximum','REG_DWORD',Number('1'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxTransferRateOffSchedule','REG_DWORD',Number('400'))
Else
MsgBox(1,"Error", "Admin rights needed")
EndIf

 

 

And I get message box :( what I do wrong?

Share this post


Link to post
Share on other sites

disclaimer: not tested, will test when have time. but i noticed in your run.exe script you call RunAsWait with logon flag 2. this is used for accessing only network resources with the specified account, local resources - like the registry - are still accessed with the calling account. change logon flag to 0 or 1 and check.

Share this post


Link to post
Share on other sites

RunAsWait and RunAs does not give the Admin Token, and will not run a process with full admin rights.  It will only run the process under the context of the user with limited rights, even if they are an admin.  To your main.exe script,  add #RequireAdmin at the top and re-compile.  This will request elevation and the Admin Token when run by RunAsWait as the RunAs user.  There are quite few threads on this topic.  

 

Adam

Share this post


Link to post
Share on other sites
12 hours ago, orbs said:

disclaimer: not tested, will test when have time. but i noticed in your run.exe script you call RunAsWait with logon flag 2. this is used for accessing only network resources with the specified account, local resources - like the registry - are still accessed with the calling account. change logon flag to 0 or 1 and check.

Tried all of logon flag...0,1,2 and 4...

11 hours ago, AdamUL said:

RunAsWait and RunAs does not give the Admin Token, and will not run a process with full admin rights.  It will only run the process under the context of the user with limited rights, even if they are an admin.  To your main.exe script,  add #RequireAdmin at the top and re-compile.  This will request elevation and the Admin Token when run by RunAsWait as the RunAs user.  There are quite few threads on this topic.  

 

Adam

As I said... I tied this:

20 hours ago, Traskiz said:

 

I tried using #RequireAdmin in first line of main.exe, but it not worked... UAC is set to "do not notify"

 

 

Please help... Maybe Windows dont let RunAs function? because of security or something ?

Share this post


Link to post
Share on other sites

Sorry for missing that in your post.  My guess is that this is a UAC issue.  Since you have it turned off, its seems that the script cannot get the full admin rights to write to the reg keys.  I usually run with UAC enabled and ConsentPromptBehaviorAdmin set to $UAC_ELEVATE_WITHOUT_PROMPTING.  Have a look at my UAC UDF for setting this setting.  

There is one other thing that you can try, without changing your UAC settings.  Add the following to the top of your main.exe script.  This should force Windows to run it with full admin rights.  Also, make sure that the RunAs user is in the local Administrators group or a group that is in that group.  

#pragma compile(ExecLevel, requireAdministrator)

 

Adam

Share this post


Link to post
Share on other sites

AdamUL-

Thanks for the tip about #pragma.  That fixed it for me.

-Barry.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Similar Content

    • afallenhope
      AutoitExe not working on Win 10
      By afallenhope
      Hello all! 
      I am having a bit of trouble and was wondering if anyone may have a workaround for my issue. I made a script that would automatically install a piece of software each night on a Windows 7 Box. Now I have been instructed to do the same with a Windows 10 box since the application is now being tested on Windows 10. 
      The way I did the win7 installation was that I made a script and then made an executable that I call with a batch file along with the Installer. So the process is 
      AutoitMainFile calls batch file, batch file opens Installer, and the automatedinstaller.exe  The automatedinstlaller waits 10-20 seconds to make sure the Installer has been fully loaded.
      When I try to do the same both get loaded but the automatedinstallation.exe does not send commands to the installer. The code does work and nothing from the program we are wanting to install has changed as our Windows 7 runs every night no problem. 
       
      Do I need to make a new automatedinstall script for windows 10? 
      Any advice is appreciated 
      Thanks,
      Richard
    • Mbee
      [Solved] New "sys tray" access problems under Windows 10
      By Mbee
      One of my GUI applications requires that a particular third-party application not only be running, but be present in the "sys tray" (aka Taskbar). When this 3p app is active but not in the systray/taskbar, it is not ready for proper use, and I must inform the user about this.
      Here is a code snippet that used to work fine under Windows 7:
      ; ; #FUNCTION# ========================================================================================================= ; Name...........: _Get_Systray_BtnIndex ; Description ...: Determines if an appllication with the specified title is running in the Systen Tray ; and if so, returns the relative index number of it's button on the tray. ; Syntax.........: _Get_Systray_BtnIndex($iTitleText) ; Parameters ....: $iTitleText -> The (tool-tip) title of the desired application ; Return values .: Success - Returns the index number of the desired appliction button, 1 being the first ; Failure - Returns 0 if desired application is not found in the System Tray ; Sets @error as follows: ; 0: Normal return ; -1: System Tray was empty (i.e., no appllications running the tray) ; -2: No System Tray was found ; Remarks .......; Setting any parameter to -1 leaves the current value unchanged ; Setting the $iStyle parameter to 'Default' resets ALL parameters to default values <<<<<<<<<<<<<<<<<<<<<<< ; Setting any other parameter to "Default" only resets that parameter ; Author ........: Poster "war59312", and code was found at URL: ; http://www.autoitscript.com/forum/topic/40550-check-if-program-is-running-under-system-tray/#entry902746 ; Modified by mjb on 26-June-2014 to return @extended error code rather than using MsgBox() to report errors. ; Func _Get_Systray_BtnIndex($sToolTipTitle) ; Find systray handle Local $hSysTray_Handle = ControlGetHandle('[Class:Shell_TrayWnd]', '', '[Class:ToolbarWindow32;Instance:1]') If @error Then Return SetError( -2, 0, 0 ) EndIf ; Get systray item count Local $iSystray_ButCount = _GUICtrlToolbar_ButtonCount($hSysTray_Handle) If $iSystray_ButCount = 0 Then Return SetError( -1, 0 , 0 ) EndIf ; Look for wanted tooltip For $iSystray_ButtonNumber = 0 To $iSystray_ButCount - 1 If StringInStr(_GUICtrlToolbar_GetButtonText($hSysTray_Handle, $iSystray_ButtonNumber), $sToolTipTitle) > 0 Then ExitLoop Next If $iSystray_ButtonNumber = $iSystray_ButCount Then Return 0 ; Desired application is NOT running in the System Tray Else Return $iSystray_ButtonNumber ; Application was found in the SysTray EndIf EndFunc ;==> _Get_Systray_BtnIndex ;  
      But what's happening under Windows 10 is that the "_GUICtrlToolbar_ButtonCount()" always returns 1, even though there are 10-14 items visible in the Task Bar.  Unsurprisingly, the single item returned has nothing to do with the 3'rd party application in question.
      As you probably know, Microsoft made significant changes to the systray/taskbar since Windows 7 (or at least by Windows 10). I spent quite a while searching MSDN for some other way to accomplish what I need, but I must be too stupid to figure it out.
      Please help.   Thanks!
       
    • Surf243
      Setting ACLs using alternate credentials
      By Surf243
      Hello,
      I've been using this UDF to set ACL permissions to some network folders, everything works great (no issues). However, I want to apply these permissions using elevated domain credentials supplied by the user and not the user that's currently running the script. As a temporary solution, I've implemented a RunAs function, but that's not the solution I'm looking for. I'm not fluent with using Dlls, but I have been trying out different methods.
      My RunAs Function:
      Func _RunAs($sUser, $sPass) If @Compiled Then RunAs($sUser, @LogonDomain, $sPass, 4, FileGetShortName(@ScriptFullPath), "", @SW_MAXIMIZE) Else RunAs($sUser, @LogonDomain, $sPass, 4, FileGetShortName(@AutoItExe) & " " & FileGetShortName(@ScriptFullPath), "", @SW_MAXIMIZE) EndIf EndFunc ;==>_RunAs I tried LogonUser and I know that I can take that token to ImpersonateLoggedOnUser, but I'm not sure how to implement that or if that's even the right method. I also need to RevertToSelf once completed.
      Func _LogonUser($sUsername, $sPassword, $sServer = @LogonDomain) ; Returns True if user exists Local $stToken $stToken = DllStructCreate("int") Local $aRet = DllCall("advapi32.dll", "int", "LogonUser", _ "str", $sUsername, "str", $sServer, "str", $sPassword, "dword", 3, "dword", 0, "ptr", DllStructGetPtr($stToken)) ;$hToken = DllStructGetData($stToken, 1) If Not @error And $aRet[0] <> 0 Then Return True EndIf Return False EndFunc ;==>_LogonUser Any assistance, suggestions or idea's would be helpful.
      Thanks!
    • damon
      RegWrite with Windows 10
      By damon
      I am having an issue with windows 10 and regwrite.  when i run my script it acts as though it has updated the registry but when i view the registry it has not updated the keys.  I added error checking to the script but it is not showing errors.  now if i remove #requireadmin i will get error 1 - unable to open requested key.
      her is my code.
       
      #include <MsgBoxConstants.au3> #include <WinAPIFiles.au3> #include <Process.au3> ; Declared Variables Global $userName = "user" Global $userPassword = "Ktesting" Global $autologin = "1" Global $notification = "0" Global $balloon = "0" If @OSArch = "X64" Then Global $HKLM = "HKLM64" Else Global $HKLM = "HKLM" EndIf ; Looks for switch on program start If $CmdLine[0] > 0 Then ; looks for switch on startup If $CmdLine[1] = "/boot" Then BootMachine() Else MachineInstallation() EndIf ; Setup Kiosk for first time Func MachineInstallation() #RequireAdmin MsgBox (1, "Installation", "Starting Install") ; Add Program to Run registry Key RegWrite ($HKLM & "\SOFTWARE\Microsoft\Windows\CurrentVersion\Run", "DL Kiosk", "REG_SZ", "c:\temp\DL Testing Kiosk\dl testing kiosk.exe /boot") If @error Then MsgBox (1, "error", @error) EndIf ; Add Automatic Logon Registry Key RegWrite ($HKLM & "\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon", "AutoAdminLogon", "REG_SZ", $autologin) If @error Then MsgBox (1, "error", @error) EndIf RegWrite ($HKLM & "\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon", "DefaultUserName", "REG_SZ", $userName) If @error Then MsgBox (1, "error", @error) EndIf RegWrite ($HKLM & "\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon", "DefaultPassword", "REG_SZ", $userPassword) If @error Then MsgBox (1, "error", @error) EndIf ; Pop Ups and Notification Center Registry RegWrite ("HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer", "DisableNotificationCenter", "REG_SZ", $notification) If @error Then MsgBox (1, "error", @error) EndIf RegWrite ("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced", "EnableBalloonTips", $balloon) If @error Then MsgBox (1, "error", @error) EndIf MsgBox (1, "Installation", "Install completed") EndFunc Exit  
      EDIT:
      i think i figured out my problem.  I was missing the space between Windows and NT.  user error, sorry.  
    • dreivilo47
      [Solved] WinMenuSelectItem doesn't work with my Dutch Notepad
      By dreivilo47
      I have a Dutch version of Windows 10.
      The Dutch word for "File" = "Bestand" and for "Page Setup" = "Pagina-instelling".
      WinMenuSelectItem doesn't select this items.  What can be the reason?
       
      Run("notepad.exe") WinWaitActive("[CLASS:Notepad]") WinMenuSelectItem("[CLASS:Notepad]", "", "Bestand", "Pagina-instelling...") Sleep(4000) WinClose("[CLASS:Notepad]")