LucasZ Posted January 18, 2018 Posted January 18, 2018 Hi guys, I've been trying different methods of getting dsa.msc (Active Directory Users and Computers) running using AutoIt through CyberArk. I've tried several different methods and just can't seem to get it to launch when I test it locally and explicitly filling in the password and username variables. I even tried creating batch file that would launch dsa.msc and call that batchfile with the Runas command within AutoIt, but no luck. My current script is: Dsamsc() Func Dsamsc() Local $sUserName = "actualusername" Local $sPassword = "actualpassword>" ;Command to run batch file that will run dsa.msc as target user from CyberArk Local $iPID = RunAs($sUserName, @ComputerName, $sPassword, "dsamsc.bat", "", @SW_SHOWMAXIMIZED) WinWait("[CLASS:MMCMainFrame]", "", 10) ProcessClose($iPID) EndFunc I've tried changing the launch command to 'c:\windows\system32\mmc.exe "dsa.msc"' as well with no luck. Any help or advice in getting this done would be greatly appreciated.
Earthshine Posted January 18, 2018 Posted January 18, 2018 Perhaps add #RequireAdmin keyword at the top of the script? My resources are limited. You must ask the right questions
water Posted January 18, 2018 Posted January 18, 2018 (edited) Why automate the GUI? Use my AD UDF to directly access Active Directory. Edited January 18, 2018 by water Earthshine 1 My UDFs and Tutorials: Reveal hidden contents UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
Earthshine Posted January 18, 2018 Posted January 18, 2018 I don't even have that .msc file so I can't test. Water is 100% right My resources are limited. You must ask the right questions
LucasZ Posted January 18, 2018 Author Posted January 18, 2018 That doesn't make it function either unfortunately.
LucasZ Posted January 18, 2018 Author Posted January 18, 2018 I'm doing this through CyberArk so I don't want the users ever having access to the actual password themselves and it would allow the session to be recorded for review.
water Posted January 18, 2018 Posted January 18, 2018 Does CyberArk provide an API to handle such cases? My UDFs and Tutorials: Reveal hidden contents UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
LucasZ Posted January 18, 2018 Author Posted January 18, 2018 On 1/18/2018 at 8:42 PM, water said: Does CyberArk provide an API to handle such cases? Expand Not a built in one that I'm aware of. I'm creating a connection component utilizing AutoIt, which they seem to heavily recommend for things like this.
Earthshine Posted January 18, 2018 Posted January 18, 2018 I’ll do a little digging tomorrow morn. Getting tired. My resources are limited. You must ask the right questions
LucasZ Posted January 19, 2018 Author Posted January 19, 2018 On 1/18/2018 at 10:44 PM, Earthshine said: I’ll do a little digging tomorrow morn. Getting tired. Expand Yeah no worries. I appreciate you even looking at all. Have a great night and thank you.
LucasZ Posted January 23, 2018 Author Posted January 23, 2018 I figured out what I was doing wrong here. I had to add in the logon flag as a 2 after the $sPassword variable. Once I did that it processed successfully even with MMC and DSA.msc defined. So basically I changed below: RunAs($TargetUsername, $TargetDomain, $TargetPassword, 2, 'C:\Windows\System32\mmc.exe "C:\Windows\System32\dsa.msc"', "", @SW_SHOWMAXIMIZED) Hope this helps someone else. molsicor 1
chrweav86 Posted February 6, 2019 Posted February 6, 2019 (edited) I'm looking to do the same but for BeyondTrust instead of CyberArk. I want to launch mmc with the AD Snap-in and have BeyondTrust pass credentials to the AutoIT exe. This is the script I have thus far: #include <AutoItConstants.au3> #include <Constants.au3> If $CmdLine[0] <> 3 Then MsgBox($MB_OK, "Usage", "mmc_launch <domain> <username> <password>") Else mmc_launch($CmdLine[1], $CmdLine[2], $CmdLine[3]) EndIf mmc_launch() Func mmc_launch($domain, $username, $password) ; Run Notepad with the window maximized. Notepad is run under the user previously specified. Local $iPID = RunAs($Username, $Domain, $Password, 2, 'C:\Windows\System32\mmc.exe "C:\Windows\System32\dsa.msc"', "", @SW_SHOWMAXIMIZED) ; Wait for 2 seconds. Sleep(2000) ; Close the process using the PID returned by RunAs. ProcessClose($iPID) EndFunc Edited February 6, 2019 by Jos
Moderators JLogan3o13 Posted February 6, 2019 Moderators Posted February 6, 2019 @chrweav86 That's great you told us what you want. How about filling us in on what problem you're running into (error code, etc. etc.)? "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum!
Developers Jos Posted February 6, 2019 Developers Posted February 6, 2019 (edited) On 2/6/2019 at 8:29 PM, chrweav86 said: mmc_launch() Expand This line probably does that. What is it doing there? It is way easier to run it from SciTE first before compiling. ...and even better is to load the Full SciTE4AutoIt3 version which will run au3check before the run and tell you about these things: >Running AU3Check (3.3.14.5) from:C:\Program Files (x86)\AutoIt3 input:D:\Development\AutoIt3\programs\test\test.au3 "D:\test.au3"(12,47) : error: mmc_launch() called by a previous line with 0 arg(s). Min = 3. First previous line calling this Func is 7. Func mmc_launch($domain, $username, $password) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^ D:\Development\AutoIt3\programs\test\test.au3 - 1 error(s), 0 warning(s) Jos Edited February 6, 2019 by Jos SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
chrweav86 Posted February 6, 2019 Posted February 6, 2019 I've got it working now. How do I elevate the script to run elevated with respect to UAC? I can get it to run with BeyondTrust with UAC turned off on the server. I removed the session killer and the mmclaunch() form the script and it works now.
Developers Jos Posted February 7, 2019 Developers Posted February 7, 2019 Just add #RequireAdmin at the top of your script? SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
molsicor Posted August 13, 2020 Posted August 13, 2020 I think I couldn't launch it well so my own script doesn't work
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now