Sign in to follow this  
Followers 0
Traskiz

Windows 10 RunAs script problem

12 posts in this topic

Hello,

 

I have a problem, I cant run script as administrator in Windows 10:

main.exe:

RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'EnableBITSMaxBandwidth','REG_DWORD',Number('1'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxTransferRateOnSchedule','REG_DWORD',Number('100'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxBandwidthValidFrom','REG_DWORD',Number('7'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxBandwidthValidTo','REG_DWORD',Number('22'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'UseSystemMaximum','REG_DWORD',Number('1'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxTransferRateOffSchedule','REG_DWORD',Number('400'))

run.exe:

Global $sUserName = "administrator"
Global $sPassword = "pass"
Global $sDomain = "domain"
RunAsWait($sUserName, $sDomain, $sPassword, 2, "main.exe", "", @TempDir)

If I run "run.exe" it dont work...

If  I change main.exe to this:

msgbox(1,"",@username)        

and it runs and shows administrator in message box... but it cant elevate main.exe with RegWrite() command...

 

I tried using #RequireAdmin in first line of main.exe, but it not worked... UAC is set to "do not notify"

 

 

This method of elevation worked on Windows 7 and Windows XP...

Please help!

Share this post


Link to post
Share on other sites

It's a x64 OS? From helpfile Running the 32-bit version of AutoIt on a x64 System

Quote

For registry interaction, use HKCR64 or HKLM64 to bypass the redirection mechanism see Registry Functions documentation.

 

Share this post


Link to post
Share on other sites
6 minutes ago, AutoBert said:

It's a x64 OS? From helpfile Running the 32-bit version of AutoIt on a x64 System

 

It's x64 OS. So I must compile to x64 autoit script?

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

Compiled  main.exe as x64 runs without any changes on x64 OS. With the suggested changes from helpfile it runs on x86 and x64 OS.

Edited by AutoBert

Share this post


Link to post
Share on other sites
38 minutes ago, AutoBert said:

Compiled  main.exe as x64 runs without any changes on x64 OS. With the suggested changes from helpfile it runs on x86 and x64 OS.

I dont understand how to fix it. What i have to do? main.exe works when I log in with administrator, but I want to Elevate standart user to execute main.exe with run.exe, but that dont work...

Share this post


Link to post
Share on other sites

Insert IsAdmin in main.au3 for checking the elevation is done.

Share this post


Link to post
Share on other sites
6 minutes ago, AutoBert said:

Insert IsAdmin in main.au3 for checking the elevation is done.

main.exe:

If IsAdmin() Then
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'EnableBITSMaxBandwidth','REG_DWORD',Number('1'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxTransferRateOnSchedule','REG_DWORD',Number('100'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxBandwidthValidFrom','REG_DWORD',Number('7'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxBandwidthValidTo','REG_DWORD',Number('22'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'UseSystemMaximum','REG_DWORD',Number('1'))
RegWrite('HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS', 'MaxTransferRateOffSchedule','REG_DWORD',Number('400'))
Else
MsgBox(1,"Error", "Admin rights needed")
EndIf

 

 

And I get message box :( what I do wrong?

Share this post


Link to post
Share on other sites

disclaimer: not tested, will test when have time. but i noticed in your run.exe script you call RunAsWait with logon flag 2. this is used for accessing only network resources with the specified account, local resources - like the registry - are still accessed with the calling account. change logon flag to 0 or 1 and check.

Share this post


Link to post
Share on other sites

RunAsWait and RunAs does not give the Admin Token, and will not run a process with full admin rights.  It will only run the process under the context of the user with limited rights, even if they are an admin.  To your main.exe script,  add #RequireAdmin at the top and re-compile.  This will request elevation and the Admin Token when run by RunAsWait as the RunAs user.  There are quite few threads on this topic.  

 

Adam

Share this post


Link to post
Share on other sites
12 hours ago, orbs said:

disclaimer: not tested, will test when have time. but i noticed in your run.exe script you call RunAsWait with logon flag 2. this is used for accessing only network resources with the specified account, local resources - like the registry - are still accessed with the calling account. change logon flag to 0 or 1 and check.

Tried all of logon flag...0,1,2 and 4...

11 hours ago, AdamUL said:

RunAsWait and RunAs does not give the Admin Token, and will not run a process with full admin rights.  It will only run the process under the context of the user with limited rights, even if they are an admin.  To your main.exe script,  add #RequireAdmin at the top and re-compile.  This will request elevation and the Admin Token when run by RunAsWait as the RunAs user.  There are quite few threads on this topic.  

 

Adam

As I said... I tied this:

20 hours ago, Traskiz said:

 

I tried using #RequireAdmin in first line of main.exe, but it not worked... UAC is set to "do not notify"

 

 

Please help... Maybe Windows dont let RunAs function? because of security or something ?

Share this post


Link to post
Share on other sites

Sorry for missing that in your post.  My guess is that this is a UAC issue.  Since you have it turned off, its seems that the script cannot get the full admin rights to write to the reg keys.  I usually run with UAC enabled and ConsentPromptBehaviorAdmin set to $UAC_ELEVATE_WITHOUT_PROMPTING.  Have a look at my UAC UDF for setting this setting.  

There is one other thing that you can try, without changing your UAC settings.  Add the following to the top of your main.exe script.  This should force Windows to run it with full admin rights.  Also, make sure that the RunAs user is in the local Administrators group or a group that is in that group.  

#pragma compile(ExecLevel, requireAdministrator)

 

Adam

Share this post


Link to post
Share on other sites

AdamUL-

Thanks for the tip about #pragma.  That fixed it for me.

-Barry.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Similar Content

    • TheWizEd
      By TheWizEd
      How do I work with 2D arrays.  I've tried this but get errors.
      Local $aTest[4][4] = [[1,2,3,4],[5,6,7,8],[9,10,11,12],[13,14,15,16]]
      ;$aTest[0][] = [10,11,12]  ; Error at []
      Local $sTest = ""
      For $i = 0 To UBound($aTest)-1
        Local $aExtract = _ArrayExtract($aTest,$i,$i)
        $sTest = $sTest & MyTest($aExtract)
      Next
      Func MyTest($aTemp)
        _ArrayDisplay($aTemp)
        ; Error at    v $aTemp
        Return String($aTemp[0]) & " - " & String($aTemp[1]) & " - " & String($aTemp[2]) & @CRLF
      EndFunc
       
       
    • AndyK70
      By AndyK70
      I'm trying to fill a ListView with all normal viewable windows to act with them.
      First I tried with WinList:
      Local $aWinList = WinList("[REGEXPTITLE:(?i)(.+)]") Local $aTmp, $iID ;~ _ArrayDisplay($aWinList) For $i = $aWinList[0][0] To 1 Step -1 ; going backwards not disturbing the index while cycling through and deleting some If StringStripWS( $aWinList[$i][0], 3) == "" Or _ Not BitAND(WinGetState($aWinList[$i][1]), $WIN_STATE_VISIBLE) Or _ BitAND(WinGetState($aWinList[$i][1]), $WIN_STATE_MINIMIZED ) Then _ArrayDelete($aWinList, $i) Else ; Window has a Title and is "visible" $aTmp = WinGetPos($aWinList[$i][1]) If $aTmp[0] < -1000 Or $aTmp[1] < -1000 Then ; Window is minimized or tray icon _ArrayDelete($aWinList, $i) EndIf EndIf Next $aWinList[0][0] = UBound($aWinList)-1 ; getting actual # of windows ; Each row is now [ID]=> [Title], [hWnd] But it keeps getting Windows which are definitely not there at least not visible:

      Those windows "Rechner", "Einstellungen", "Netflix", "Microsoft Store", ... are not there!?! 
      It should list only the first three windows, which are real.
      I even tried it with _WinAPI_ UDF:
      $hWnd = _WinAPI_GetForegroundWindow() ; Add items _GUICtrlListView_BeginUpdate($idListview) If $hWnd <> 0 Then $iI = 0 Do If _WinAPI_IsWindow($hWnd) And _WinAPI_IsWindowVisible Then _GUICtrlListView_AddItem($idListview, WinGetTitle($hWnd)) _GUICtrlListView_AddSubItem($idListview, $iI, $hWnd, 1) $iI += 1 $hWnd = _WinAPI_GetWindow($hWnd, $GW_HWNDNEXT) EndIf Until $hWnd = 0 EndIf But it is the same...
       
      How can i distinguish those invisible windows from normal ones?
      PS: I'm using Windows 10, maybe it is important to know?
    • davidacrozier
      By davidacrozier
      Hello all ~
      I am running an autoit script on Windows 10 inside VMware Workstation 12 Pro version 12.5.2.  Technically I am remoting into ESXi which has a Domain Controller (DC), WebServer, FilServer, Windows 10, etc.  Using the GUI (i.e. running explorer.exe) I am able to open several different folders successfully.  The desktop, documents, USB external all open without issue.  The network share opening gives me issues.  Whenever I attempt to open \\filserver\users\user\sharedfolder I get the documents folder instead.  I understand that the documents folder is the default for explorer.  I have also attempted to use the letter drive mapped to the network share (Z:) and receive the same result.  When I run this script on Windows 10 alone without  the VM or the ESXi I am able to open the network share without problems.  I have tried to use the net use command to designate a letter M: to the network share folder prior to running the script.  This did not work for me.  
      One additional avenue I think might work is to use the systreeview321 and _GUICtrlTreeView_FindItem to step through the tree looking for the network share.  Once found,  double click on it and see if that opens the shared network folder.  I can click inside the VM with my mouse on the network share and it opens just fine.  Not sure if running up against GUI issues, or permission issues, or what?
      Thanks in advance,
      Davida Crozier
      TestNetworkShare.au3
      This script is a subset of a much larger program, but it illustrates what I am dealing with.

    • MrMajorThorburn
      By MrMajorThorburn
      Using sample code:
      #include <MsgBoxConstants.au3> ; Find a pure red pixel in the range 0,0-20,300
      Local $aCoord = PixelSearch(0, 0, 20, 300, 0xFF0000)
      If Not @error Then
          MsgBox($MB_SYSTEMMODAL, "", "X and Y are: " & $aCoord[0] & "," & $aCoord[1])
      Else
          MsgBox($MB_SYSTEMMODAL, "", "Pure Not Found")
      EndIf ; Find a pure red pixel or a red pixel within 10 shades variations of pure red
      $aCoord = PixelSearch(0, 0, 20, 300, 0xFF0000, 10)
      If Not @error Then
          MsgBox($MB_SYSTEMMODAL, "", "X and Y are: " & $aCoord[0] & "," & $aCoord[1])
      Else
          MsgBox($MB_SYSTEMMODAL, "", "Variant Not Found")
      EndIf   and the attached screenshot which has Pure Red (FF0000) in one icon in the area being searched. Would someone please check this out for me?
    • BBs19
      By BBs19
      Features:
      Create modern looking borderless and resizable GUIs with control buttons (Close,Maximize/Restore,Minimize, Fullscreen, Menu) True borderless, resizeable GUI with full support for aerosnap etc. Many color schemes/themes included. See MetroThemes.au3 for more details. 3 type of Windows 8/10 style buttons. Modern checkboxes, radios, toggles and progressbar. All buttons, checkboxes etc. have hover effects! Windows 10 style modern MsgBox. Windows 10/Android style menu that slides in from left. Windows 10 style right click menu  
      Credits: @UEZ, for the function to create buttons with text using GDIPlus. @binhnx for his SSCtrlHover UDF
       
      Changelog:
      Download UDF with example: