Sign in to follow this  
Followers 0
Traskiz

Windows 10 RunAs script problem

12 posts in this topic

Hello,

 

I have a problem, I cant run script as administrator in Windows 10:

main.exe:

RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'EnableBITSMaxBandwidth','REG_DWORD',Number('1'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxTransferRateOnSchedule','REG_DWORD',Number('100'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxBandwidthValidFrom','REG_DWORD',Number('7'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxBandwidthValidTo','REG_DWORD',Number('22'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'UseSystemMaximum','REG_DWORD',Number('1'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxTransferRateOffSchedule','REG_DWORD',Number('400'))

run.exe:

Global $sUserName = "administrator"
Global $sPassword = "pass"
Global $sDomain = "domain"
RunAsWait($sUserName, $sDomain, $sPassword, 2, "main.exe", "", @TempDir)

If I run "run.exe" it dont work...

If  I change main.exe to this:

msgbox(1,"",@username)        

and it runs and shows administrator in message box... but it cant elevate main.exe with RegWrite() command...

 

I tried using #RequireAdmin in first line of main.exe, but it not worked... UAC is set to "do not notify"

 

 

This method of elevation worked on Windows 7 and Windows XP...

Please help!

Share this post


Link to post
Share on other sites



It's a x64 OS? From helpfile Running the 32-bit version of AutoIt on a x64 System

Quote

For registry interaction, use HKCR64 or HKLM64 to bypass the redirection mechanism see Registry Functions documentation.

 

Share this post


Link to post
Share on other sites
6 minutes ago, AutoBert said:

It's a x64 OS? From helpfile Running the 32-bit version of AutoIt on a x64 System

 

It's x64 OS. So I must compile to x64 autoit script?

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

Compiled  main.exe as x64 runs without any changes on x64 OS. With the suggested changes from helpfile it runs on x86 and x64 OS.

Edited by AutoBert

Share this post


Link to post
Share on other sites
38 minutes ago, AutoBert said:

Compiled  main.exe as x64 runs without any changes on x64 OS. With the suggested changes from helpfile it runs on x86 and x64 OS.

I dont understand how to fix it. What i have to do? main.exe works when I log in with administrator, but I want to Elevate standart user to execute main.exe with run.exe, but that dont work...

Share this post


Link to post
Share on other sites

Insert IsAdmin in main.au3 for checking the elevation is done.

Share this post


Link to post
Share on other sites
6 minutes ago, AutoBert said:

Insert IsAdmin in main.au3 for checking the elevation is done.

main.exe:

If IsAdmin() Then
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'EnableBITSMaxBandwidth','REG_DWORD',Number('1'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxTransferRateOnSchedule','REG_DWORD',Number('100'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxBandwidthValidFrom','REG_DWORD',Number('7'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxBandwidthValidTo','REG_DWORD',Number('22'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'UseSystemMaximum','REG_DWORD',Number('1'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxTransferRateOffSchedule','REG_DWORD',Number('400'))
Else
MsgBox(1,"Error", "Admin rights needed")
EndIf

 

 

And I get message box :( what I do wrong?

Share this post


Link to post
Share on other sites

disclaimer: not tested, will test when have time. but i noticed in your run.exe script you call RunAsWait with logon flag 2. this is used for accessing only network resources with the specified account, local resources - like the registry - are still accessed with the calling account. change logon flag to 0 or 1 and check.

Share this post


Link to post
Share on other sites

RunAsWait and RunAs does not give the Admin Token, and will not run a process with full admin rights.  It will only run the process under the context of the user with limited rights, even if they are an admin.  To your main.exe script,  add #RequireAdmin at the top and re-compile.  This will request elevation and the Admin Token when run by RunAsWait as the RunAs user.  There are quite few threads on this topic.  

 

Adam

Share this post


Link to post
Share on other sites
12 hours ago, orbs said:

disclaimer: not tested, will test when have time. but i noticed in your run.exe script you call RunAsWait with logon flag 2. this is used for accessing only network resources with the specified account, local resources - like the registry - are still accessed with the calling account. change logon flag to 0 or 1 and check.

Tried all of logon flag...0,1,2 and 4...

11 hours ago, AdamUL said:

RunAsWait and RunAs does not give the Admin Token, and will not run a process with full admin rights.  It will only run the process under the context of the user with limited rights, even if they are an admin.  To your main.exe script,  add #RequireAdmin at the top and re-compile.  This will request elevation and the Admin Token when run by RunAsWait as the RunAs user.  There are quite few threads on this topic.  

 

Adam

As I said... I tied this:

20 hours ago, Traskiz said:

 

I tried using #RequireAdmin in first line of main.exe, but it not worked... UAC is set to "do not notify"

 

 

Please help... Maybe Windows dont let RunAs function? because of security or something ?

Share this post


Link to post
Share on other sites

Sorry for missing that in your post.  My guess is that this is a UAC issue.  Since you have it turned off, its seems that the script cannot get the full admin rights to write to the reg keys.  I usually run with UAC enabled and ConsentPromptBehaviorAdmin set to $UAC_ELEVATE_WITHOUT_PROMPTING.  Have a look at my UAC UDF for setting this setting.  

There is one other thing that you can try, without changing your UAC settings.  Add the following to the top of your main.exe script.  This should force Windows to run it with full admin rights.  Also, make sure that the RunAs user is in the local Administrators group or a group that is in that group.  

#pragma compile(ExecLevel, requireAdministrator)

 

Adam

Share this post


Link to post
Share on other sites

AdamUL-

Thanks for the tip about #pragma.  That fixed it for me.

-Barry.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Similar Content

    • dreivilo47
      By dreivilo47
      When I want to test Example 1 of Function _IECreate (AutoIt Help File), I see that function _IECreate doesn't work in Windows 10.
      Syntax Check (Ctrl+F5) gives no errors.
       
      Example 1:
      ; Create a browser window and navigate to a website #include <IE.au3> Local $oIE = _IECreate("www.autoitscript.com")  
      The error I receive with F5 (Tools, Go) in SciTE:

    • Chaym
      By Chaym
      Does AutoIT supported  in Windows 10 OS (x64)?
      After installing AutoIT in x64 OS and recompiling code,
      I get a lot of error messages...
       
    • kristo
      By kristo
      The DriveGetDrive command returned all drives (option "ALL") for years now and my program could always rely on that function. Suddenly a drive letter that was created with the subst command does not appear in the list of drives anymore. And it clearly did, because I used to react to a certain subst command by reacting to new or revoked (subst /D) drive letters.
      Why is that? I think this a bug because there's no way left to list ALL drive letters anymore.
      And why should I use an API command for that when this was already built in for years?

       
    • kokoilie
      By kokoilie
      I'm making a program that has a combo control in a gui and back in win7 when the window was focused the scroll wheel could be used to scroll through it's contents, now i'm using win10 and i have to put the mouse on that control to scroll up and down.
      Since now the scroll wheel works depending on where the mouse is, is there a way to make it no matter where on the gui the pointer is?
      Also if the only way to do it is some complex hotkey functions will it work with pressing space to toggle a checkbox?
      If you need to see what i have so far let me know and i'll copy it here.
    • ModemJunki
      By ModemJunki
      Hello,
      In Windows 10 PowerShell, one can do this to change the metric for a NIC in Windows 10:
      Get-NetAdapter | Where-Object -FilterScript {$_.InterfaceAlias -Eq "Ethernet 2"} | Set-NetIPInterface -InterfaceMetric 2 I know I can script the above PowerShell line (and it works!), but I wanted to try something I hadn't done before after looking into jguinch's most excellent Network configuration UDF. I wanted to make use of the SetIPConnectionMetric method in the WMI classes. There is an example VBscript here but this is not for Windows 10. Using AutoIT would also give better control over capturing error return codes than with PowerShell.
      But I cannot get my script to work! The return from SetIPConnectionMetric() is 0, which would indicate success. Yet the change does not happen. I also tried WMI methods using .put_ but this fails.
      Anyone more experienced than I have ideas to make this work?
      #RequireAdmin _SetNicInterfaceMetric2("Ethernet 2", "2") Func _SetNicInterfaceMetric2($NIC_NAME, $METRIC) Local $s_setIndx = 0 $objWMIService = ObjGet("winmgmts:{impersonationLevel = impersonate}!\\" & "." & "\root\cimv2") $colNICItems = $objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapter WHERE NetConnectionID = '" & $NIC_NAME & "'", "WQL") If IsObj($colNICItems) Then For $objItem In $colNICItems $s_nicIndex = $objItem.Index Next ConsoleWrite("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE Index = '" & $s_nicIndex & "'" & @CRLF) $colNAC = $objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE Index = '" & $s_nicIndex & "'", "WQL") If IsObj($colNAC) Then For $objNetCard In $colNAC If $METRIC <> $objNetCard.IPConnectionMetric Then ConsoleWrite("Metric was set to " & $objNetCard.IPConnectionMetric & ". Setting to " & $METRIC & "." & @CRLF) $s_isSet = $objNetCard.SetIPConnectionMetric($METRIC) ConsoleWrite("SetIPConnectionMetric Result = " & $s_isSet & @CRLF) Else ConsoleWrite("Metric is already set to " & $METRIC & @CRLF) EndIf Next EndIf EndIf EndFunc ;==>_SetNicInterfaceMetric2