Jump to content
graybags

@Username changing

Recommended Posts

graybags

Hi,

I need to block internet access to a few hundred PC's at work, and I'm doing that by removing the address in the "AutoConfigURL" box in the LAN settings of IE.  That's working fine.

It's stored in the current user, so I'm using this script to get the SID, then write to the correct key:

#include <Security.au3>

Local $Array = _Security__LookupAccountName( @UserName )
Local $UserSID = $Array[0]

RegDelete ( 'HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings', 'AutoConfigURL' )

The problem is that in the same script, I'd like to write to the registry where I need admin access.  If I add a #RequireAdmin to the top of the file, the @UserName changes to MY admin username, not the username of the currently logged on (non-admin) user.

Is there a way I can make @UserName stay the local username and not mine, if I add #RequireAdmin to the script?

I hope I've explained that clearly...  :'(

Thanks,

Graybags

 

Share this post


Link to post
Share on other sites
Chimp

I've no way to test here now, but maybe you could try to use EnvGet("username") instead of @username


small minds discuss people average minds discuss events great minds discuss ideas.... and use AutoIt....

Share this post


Link to post
Share on other sites
graybags
19 minutes ago, Chimp said:

I've no way to test here now, but maybe you could try to use EnvGet("username") instead of @username

Good idea...  But it didn't work, same admin ID came back :(

Share this post


Link to post
Share on other sites
jguinch

What about just running Internet Explorer from the script running as Admin ?
 

#RequireAdmin
RegWrite("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings", "AutoConfigURL", "REG_SZ", "http://yourserver/url.pac")
ShellExecute("iexplore.exe")

I know it's not a good idea to use a browser running as elevate privileges, but it could be sufficient ?

Share this post


Link to post
Share on other sites
Chimp

@graybags, just out of curiosity, what do you get if you use this snippet in your script?

Local $sKey = "HKLM" & (StringRight(@OSArch, 2) = "64" ? "64" : "") & "\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI"
Local $sUsername1, $sUsername2
$sUsername1 = RegRead($sKey, "LastLoggedOnUser")
$hPid = Run("WMIC computersystem get username /value", "", @SW_HIDE, 0x2) ; 0x2 -> $STDOUT_CHILD
Do
    $sUsername2 &= StdoutRead($hPid)
Until @error

ConsoleWrite(StringStripWS(StringMid($sUsername1, StringInStr($sUsername1, "\", 0, -1) + 1), 8) & @CRLF)
ConsoleWrite(StringStripWS(StringMid($sUsername2, StringInStr($sUsername2, "\", 0, -1) + 1), 8))

 


small minds discuss people average minds discuss events great minds discuss ideas.... and use AutoIt....

Share this post


Link to post
Share on other sites
Juvigy

I think you can do it by getting the username of the currently logged on user. For example get the username from the Explorer.exe process.

Share this post


Link to post
Share on other sites
graybags
18 hours ago, jguinch said:

What about just running Internet Explorer from the script running as Admin ?
 

#RequireAdmin
RegWrite("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings", "AutoConfigURL", "REG_SZ", "http://yourserver/url.pac")
ShellExecute("iexplore.exe")

I know it's not a good idea to use a browser running as elevate privileges, but it could be sufficient ?

The problem is, if I use:

RegWrite ( 'HKEY_USERS\' & $UserSID &

...then the $UserSID returns the SID of my admin username, not the user name of the local account.

#RequireAdmin

MsgBox ( 0, "", @UserName )

If I run that, the username that comes back (when I've logged in as an admin is my admin username. If I take out the #RequireAdmin @UserName returns what I want it to.

Share this post


Link to post
Share on other sites
graybags
17 hours ago, Chimp said:

@graybags, just out of curiosity, what do you get if you use this snippet in your script?

Local $sKey = "HKLM" & (StringRight(@OSArch, 2) = "64" ? "64" : "") & "\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI"
Local $sUsername1, $sUsername2
$sUsername1 = RegRead($sKey, "LastLoggedOnUser")
$hPid = Run("WMIC computersystem get username /value", "", @SW_HIDE, 0x2) ; 0x2 -> $STDOUT_CHILD
Do
    $sUsername2 &= StdoutRead($hPid)
Until @error

ConsoleWrite(StringStripWS(StringMid($sUsername1, StringInStr($sUsername1, "\", 0, -1) + 1), 8) & @CRLF)
ConsoleWrite(StringStripWS(StringMid($sUsername2, StringInStr($sUsername2, "\", 0, -1) + 1), 8))

 

I haven't actually got AutoIT installed on the PC's I'm running my script on, I just compile it and run it like that.  So I can't see the console.  I've just run the above on my own PC, and with the #RequireAdmin it comes back with my admin username, without #RequireAdmin, it doesn't list any usernames.

Share this post


Link to post
Share on other sites
graybags
8 hours ago, Juvigy said:

I think you can do it by getting the username of the currently logged on user. For example get the username from the Explorer.exe process.

Can you please explain how?  I thought that @UserName was the currently logged on user, but apparently not :(

Share this post


Link to post
Share on other sites
Subz

One way to get all logged on users:

#include <Array.au3>

Global $aLoggedOnUsers = _GetLoggedOnUsers()
_ArrayDisplay($aLoggedOnUsers)

Func _GetLoggedOnUsers()
    Opt("ExpandEnvStrings", 1)
    Local $sAccountSID, $sUserName, $i = 1
    Local $aLoggedOnUsers[1][2]
    Local $sProfileList = "HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList"
    ;~ Get the default user profiles directory normally C:\Users\
    Local $sProfilesDir = RegRead($sProfileList, "ProfilesDirectory")
    ;~ Append Backslash to $sProfilesDir
    If StringRight($sProfilesDir, 1) <> "\" Then $sProfilesDir = $sProfilesDir & "\"
    While 1
        $sAccountSID = RegEnumKey("HKU", $i)
        If @error Then ExitLoop
        If StringLeft($sAccountSID, 9) = "S-1-5-21-" Then
            ;~ Get the Sid Username
            $sUserName = StringReplace(RegRead($sProfileList & "\" & $sAccountSID, "ProfileImagePath"), $sProfilesDir, "")
            If $sUserName <> "" Then _ArrayAdd($aLoggedOnUsers, "HKU\" & $sAccountSID & "|" & $sUserName)
        EndIf
        $i += 1
    WEnd
    $aLoggedOnUsers[0][0] = UBound($aLoggedOnUsers) - 1
    Return $aLoggedOnUsers
EndFunc

 

Share this post


Link to post
Share on other sites
BrewManNH

Try some of the suggestions in this thread:

 

 


If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites
ViciousXUSMC
Posted (edited)
21 hours ago, graybags said:

Hi,

I need to block internet access to a few hundred PC's at work, and I'm doing that by removing the address in the "AutoConfigURL" box in the LAN settings of IE.  That's working fine.

It's stored in the current user, so I'm using this script to get the SID, then write to the correct key:

#include <Security.au3>

Local $Array = _Security__LookupAccountName( @UserName )
Local $UserSID = $Array[0]

RegDelete ( 'HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings', 'AutoConfigURL' )

The problem is that in the same script, I'd like to write to the registry where I need admin access.  If I add a #RequireAdmin to the top of the file, the @UserName changes to MY admin username, not the username of the currently logged on (non-admin) user.

Is there a way I can make @UserName stay the local username and not mine, if I add #RequireAdmin to the script?

I hope I've explained that clearly...  :'(

Thanks,

Graybags

 

I know #RequireAdmin will keep the current user if the current user is an admin, what changes the context of the variable is that you run the script as the account you elevate permissions with.

You might just put a RunAs() in the script to run that one part as an account with admin access to do the task that needs it so that the entire script does not need elevation, if you are ok with elevating the script (assuming you must be manually typing the elevation prompt) why not just have a separate script for that part.  You can easily call that script from within the first one, and only have #RequireAdmin in the 2nd script. 

As for RunAs() something like run CMD as admin and use the Reg Add command should allow integration in your script without needing #RequireAdmin

Edited by ViciousXUSMC

Share this post


Link to post
Share on other sites
bernd670

Hello,

change <adminuser>, <domain>, <password> and try this

#include <Security.au3>

If Not IsAdmin() Then
    RunAs("<adminuser>", "<domain>", "<password>", 0, @ScriptFullPath & " /USER:" & @UserName, @ScriptDir, @SW_HIDE)
    Exit
EndIf

$UID = @UserName

If $cmdline[0] > 0 Then
    For $i = 0 To $cmdline[0]
        If (StringLeft($cmdline[$i], 6) = "/USER:") Then $UID = StringMid($cmdline[$i], 7)
    Next
EndIf

MsgBox(0, "", "LookupAccountName for " & $UID)

Local $Array = _Security__LookupAccountName($UID)
Local $UserSID = $Array[0]

RegDelete ( 'HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings', 'AutoConfigURL' )

 


greetings
bernd


I hacked 127.0.0.1 -> pcfred6.gif

Share this post


Link to post
Share on other sites
AdamUL

Have a look at using HKCUReg.au3, that is part of Engine's Registry UDFs.  This UDF allows you to edit registry keys for all user profiles, and a specified user profile.  Some examples are below.  

#include <HKCUReg.au3>

Global $sUserName = "username"
Global $sComputerName = "computername"

;Delete the key for all user profiles on local computer.
_HKCU_Delete("Software\Microsoft\Windows\CurrentVersion\Internet Settings", "AutoConfigURL")

;Delete the key for a specified user profile on local computer.
_HKCU_Delete("\\" & $sUserName & "\Software\Microsoft\Windows\CurrentVersion\Internet Settings", "AutoConfigURL")

;Delete the key on a remove computer for all users profiles.
_HKCU_Delete("\\\" & $sComputerName & "\Software\Microsoft\Windows\CurrentVersion\Internet Settings", "AutoConfigURL")

;Delete the key on a remote computer for a specified user profile.
_HKCU_Delete("\\\" & $sComputerName & "\\" & $sUserName  & "\Software\Microsoft\Windows\CurrentVersion\Internet Settings", "AutoConfigURL")

Adam

 

Share this post


Link to post
Share on other sites
Juvigy

You can use PS:

Get-WMIObject -class Win32_ComputerSystem | select username

OR check out here:https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-powershell-1.0/ff730963(v=technet.10)

OR use WMI

strComputer = "."   ' " use "." for local computer

Set objWMI = GetObject("winmgmts:" _
              & "{impersonationLevel=impersonate}!\\" _
              & strComputer & "\root\cimv2")

Set colSessions = objWMI.ExecQuery _
    ("Select * from Win32_LogonSession Where LogonType = 2 OR LogonType = 10")

If colSessions.Count = 0 Then
   Wscript.Echo "No interactive users found"
Else
   For Each objSession in colSessions
     If objSession.LogonType = 2 Then
       WScript.Echo "Logon type: Console"
     Else
       WScript.Echo "Logon type: RDP/Terminal Server"
     End If
     Set colList = objWMI.ExecQuery("Associators of " _
         & "{Win32_LogonSession.LogonId=" & objSession.LogonId & "} " _
         & "Where AssocClass=Win32_LoggedOnUser Role=Dependent" )

     For Each objItem in colList
       WScript.Echo "User: " & objItem.Name
       WScript.Echo "FullName: " & objItem.FullName
       WScript.Echo "Domain: " & objItem.Domain
     Next
     Wscript.Echo "Session start time: " & objSession.StartTime
     WScript.Echo
   Next
End If

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×