TMelanson

Using non system variable with WMI

6 posts in this topic

Hi folks,

I'm hoping someone can help me out here.

Background:
I have the need to run a program with admin credentials (#RequireAdmin), and then get the SID of the locally logged in account. Not the admin account.

If you look at the attached script, Line 16 uses the @UserName variable and returns the SID for the admin account I used to launch the app.
I want to use line 17 which passes the result of the _GetUsername function which is a username using  ($UserName) to the WMIService.

I'm getting " The requested action with this object has failed.:" error message.

Any suggestions would be appreciated! :D

 

test1.au3

Share this post


Link to post
Share on other sites



I'm no expert with "winmgmts", but i can say the reason why the object fails, is the method "Get" with your properties is throwing an exception. And AutoIt does not work well with object exceptions, without catching object events.

I would think the code below MIGHT be a solution.

MsgBox(0, "", _Security__SidToStringSid(_Security__GetAccountSid($UserName)))

otherwise something like this:

$objAccount = $objWMIService.ExecQuery("SELECT SID FROM Win32_UserAccount WHERE Name='"&@UserName&"'"); i use @UserName, as the return from "_GetUsername()" contains string terminating char(s) and makes the query fail.
For $row in $objAccount
    ConsoleWrite($row.Name&@CRLF)
    ConsoleWrite($row.SID&@CRLF)
Next

 

Anyway, i hope some of this will be helpful.

1 person likes this

Share this post


Link to post
Share on other sites

Here is a way to get the list of logged on users (from the registry)  :

#RequireAdmin


#include <Security.au3>
#include <Array.au3>

Local $aLoggedOnUsers = _GetLoggedOnUsers()
_ArrayDisplay($aLoggedOnUsers)

Func _GetLoggedOnUsers()
    Local $sSubkey, $i = 0, $aUserInfo, $aResult[1][2], $iCount
    While 1
        $i += 1
        $sSubkey = RegEnumKey("HKEY_USERS", $i)
        If @error Then ExitLoop

        If StringRegExp($sSubkey, "^S-1-5-21-(\d+-){3}\d+$") Then
            $iCount += 1
            $aUserInfo = _Security__LookupAccountSid ($sSubkey )

            Redim $aResult[$iCount + 1][2]
            $aResult[$iCount][0] = $aUserInfo[1] & "\" & $aUserInfo[0]
            $aResult[$iCount][1] = $sSubkey
        EndIf
    WEnd
    $aResult[0][0] = $iCount
    Return $aResult
EndFunc

 

1 person likes this

Share this post


Link to post
Share on other sites
16 hours ago, genius257 said:

I'm no expert with "winmgmts", but i can say the reason why the object fails, is the method "Get" with your properties is throwing an exception. And AutoIt does not work well with object exceptions, without catching object events.

I would think the code below MIGHT be a solution.

MsgBox(0, "", _Security__SidToStringSid(_Security__GetAccountSid($UserName)))

otherwise something like this:

$objAccount = $objWMIService.ExecQuery("SELECT SID FROM Win32_UserAccount WHERE Name='"&@UserName&"'"); i use @UserName, as the return from "_GetUsername()" contains string terminating char(s) and makes the query fail.
For $row in $objAccount
    ConsoleWrite($row.Name&@CRLF)
    ConsoleWrite($row.SID&@CRLF)
Next

 

Anyway, i hope some of this will be helpful.

Thank you so much genius257! This works like a charm but it take a considerably longer time to generate the SID. Not sure why but it works :)

Share this post


Link to post
Share on other sites
15 hours ago, jguinch said:

Here is a way to get the list of logged on users (from the registry)  :

#RequireAdmin


#include <Security.au3>
#include <Array.au3>

Local $aLoggedOnUsers = _GetLoggedOnUsers()
_ArrayDisplay($aLoggedOnUsers)

Func _GetLoggedOnUsers()
    Local $sSubkey, $i = 0, $aUserInfo, $aResult[1][2], $iCount
    While 1
        $i += 1
        $sSubkey = RegEnumKey("HKEY_USERS", $i)
        If @error Then ExitLoop

        If StringRegExp($sSubkey, "^S-1-5-21-(\d+-){3}\d+$") Then
            $iCount += 1
            $aUserInfo = _Security__LookupAccountSid ($sSubkey )

            Redim $aResult[$iCount + 1][2]
            $aResult[$iCount][0] = $aUserInfo[1] & "\" & $aUserInfo[0]
            $aResult[$iCount][1] = $sSubkey
        EndIf
    WEnd
    $aResult[0][0] = $iCount
    Return $aResult
EndFunc

 

Oh this is a much quicker way to obtain the SID. Thanks so much jguinch!

Share this post


Link to post
Share on other sites
1 minute ago, TMelanson said:

Thank you so much genius257! This works like a charm but it take a considerably longer time to generate the SID. Not sure why but it works

Happy to help :)

Yeah, i imagine a better, faster way exists, but i don't know enough about it to be able to help, I'm afraid :)

1 person likes this

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Similar Content

    • davidacrozier
      By davidacrozier
      Hello all ~
      I am running an autoit script on Windows 10 inside VMware Workstation 12 Pro version 12.5.2.  Technically I am remoting into ESXi which has a Domain Controller (DC), WebServer, FilServer, Windows 10, etc.  Using the GUI (i.e. running explorer.exe) I am able to open several different folders successfully.  The desktop, documents, USB external all open without issue.  The network share opening gives me issues.  Whenever I attempt to open \\filserver\users\user\sharedfolder I get the documents folder instead.  I understand that the documents folder is the default for explorer.  I have also attempted to use the letter drive mapped to the network share (Z:) and receive the same result.  When I run this script on Windows 10 alone without  the VM or the ESXi I am able to open the network share without problems.  I have tried to use the net use command to designate a letter M: to the network share folder prior to running the script.  This did not work for me.  
      One additional avenue I think might work is to use the systreeview321 and _GUICtrlTreeView_FindItem to step through the tree looking for the network share.  Once found,  double click on it and see if that opens the shared network folder.  I can click inside the VM with my mouse on the network share and it opens just fine.  Not sure if running up against GUI issues, or permission issues, or what?
      Thanks in advance,
      Davida Crozier
      TestNetworkShare.au3
      This script is a subset of a much larger program, but it illustrates what I am dealing with.

    • spudw2k
      By spudw2k
      Recently I was using csvde to execute some LDAP queries on a domain controller to create some reports.  I noticed that when I queried the objectSID, it was returned (output) in binary format instead of the S-#-#-##-### (string) format I needed to compare with.  I found there was a function I could use in the Security.au3 UDF to convert the SID Binary value to the SID String format; however, the example in the help file collected the SID binary value by using another function to lookup an AD object by name.  Since I already had the SID, this "step" was erroneous to me, but I was still required to do some work to make the _Security__SidToStringSid function accept my binary values--namely creating and populating a DLLStruct before using as a parameter for the SidToSTringSid function.  Below is a small illustration of what I did. It wasn't particularly complicated or difficult, but may provide some insight to folks who don't mess/work with DLLStructs much.  Also, my "real" script utilized a lengthy CSV report and parsed it to replace the binary values with the SID strings.  I just wanted to share this snippet.
      #include <security.au3> msgbox(0,"Builtin\Users",_SIDBinaryToStr("01020000000000052000000021020000")) msgbox(0,"Builtin\Guests",_SIDBinaryToStr("01020000000000052000000022020000")) msgbox(0,"Domain Users",_SIDBinaryToStr("010500000000000515000000e2ef6c5193efdefff2b6dd4401020000")) Func _SIDBinaryToStr($hSID) Local $tSID = DllStructCreate("byte SID[256]") DllStructSetData($tSID, "SID", Binary("0x" & $hSID)) Local $sStringSID = _Security__SidToStringSid($tSID) Return $sStringSID EndFunc  
    • MrMajorThorburn
      By MrMajorThorburn
      Using sample code:
      #include <MsgBoxConstants.au3> ; Find a pure red pixel in the range 0,0-20,300
      Local $aCoord = PixelSearch(0, 0, 20, 300, 0xFF0000)
      If Not @error Then
          MsgBox($MB_SYSTEMMODAL, "", "X and Y are: " & $aCoord[0] & "," & $aCoord[1])
      Else
          MsgBox($MB_SYSTEMMODAL, "", "Pure Not Found")
      EndIf ; Find a pure red pixel or a red pixel within 10 shades variations of pure red
      $aCoord = PixelSearch(0, 0, 20, 300, 0xFF0000, 10)
      If Not @error Then
          MsgBox($MB_SYSTEMMODAL, "", "X and Y are: " & $aCoord[0] & "," & $aCoord[1])
      Else
          MsgBox($MB_SYSTEMMODAL, "", "Variant Not Found")
      EndIf   and the attached screenshot which has Pure Red (FF0000) in one icon in the area being searched. Would someone please check this out for me?
    • nikink
      By nikink
      Hi all,
      I have a bit of code that works on my old Win10 PC, that fails on my new Win10 PC, and I think the only significant difference is the version of Autoit - old PC has 3.3.12, new has 3.3.14.
      I couldn't find anything mentioned in the change logs though, so perhaps I'm wrong.
      Anyway, the code to replicate my issue is:
      Test('username', 'DOMAIN') ; THIS ERRORS: ;Test('localun', 'DOMAIN') ; THIS ERRORS: ;Test(' ', ' ') ; THIS ERRORS: ;Test('', '') ; THIS ERRORS: ;Test('localun', '') ; THIS ERRORS: ;Test('', 'DOMAIN') Func Test($un, $dom) $compName = 'PCNAME' $FullName = '.' $Description = '.' ; get the WIM object $objWMIService = ObjGet("winmgmts:\\" & $compName & "\root\cimv2") ; get default user full name and description $objAccount = $objWMIService.Get("Win32_UserAccount.Name='" & $un & "',Domain='" & $dom & "'") If IsObj($objAccount) Then $FullName = $objAccount.FullName $Description = $objAccount.Description EndIf ConsoleWrite($FullName & @CRLF) ConsoleWrite($Description & @CRLF) Return EndFunc  
      On my old PC this code will output just . and . for each of those line currently commented out. Which is fine.
      On my new PC any of those commented out lines of code cause an error, and the script won't even compile.
      $objAccount = $objWMIService.Get("Win32_UserAccount.Name='" & $un & "',Domain='" & $dom & "'") $objAccount = $objWMIService^ ERROR I'm very much a newb with the WMI stuff and objects, but it looks like the .Get property is failing when either $un or $dom aren't valid in v3.3.14, whereas in 3.3.12 the .Get would fail to return an object, which is then caught by the If statement.
      Am I on track with this? Is there some new/better way to code the example so that 3.3.14 will compile it?
    • BBs19
      By BBs19
      Features:
      Create modern looking borderless and resizable GUIs with control buttons (Close,Maximize/Restore,Minimize, Fullscreen, Menu) True borderless, resizeable GUI with full support for aerosnap etc. Many color schemes/themes included. See MetroThemes.au3 for more details. 3 type of Windows 8/10 style buttons. Modern checkboxes, radios, toggles and progressbar. All buttons, checkboxes etc. have hover effects! Windows 10 style modern MsgBox. Windows 10/Android style menu that slides in from left. Windows 10 style right click menu  
      Credits: @UEZ, for the function to create buttons with text using GDIPlus. @binhnx for his SSCtrlHover UDF
       
      Changelog:
      Download UDF with example: