Misuranai Posted September 16, 2022 Posted September 16, 2022 (edited) Hi, I would like to run an autoit script as another user with more rights than my current user with normal user rights. The script should change the static ip-address of an ethernet network adapter. It works also fine with my user (because I am local admin) but the script is written for someone who doesn't have local admin rights. I already looked up into the "RunAs"-Command but I didn't want to run another programme as another user. I want to run the inside script as another user (same file). This is my code but it doesn't work as I imagine: expandcollapse popup#RequireAdmin #include <ButtonConstants.au3> #include <ComboConstants.au3> #include <EditConstants.au3> #include <GUIConstantsEx.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> #include <Array.au3> #include <Network.au3> #include <GuiIPAddress.au3> #include <AutoItConstants.au3> #include <Permissions.au3> $infos = _GetNetworkAdapterInfos("Ethernet") $aRtoString = _ArrayToString($infos) $split = StringSplit($aRtoString, "|") #Region ### START Koda GUI section ### Form= $NetworkInsert = GUICreate("Network Insert", 248, 312, 192, 124) $cbNetAdapList = GUICtrlCreateCombo("", 56, 48, 137, 25, BitOR($CBS_DROPDOWN,$CBS_AUTOHSCROLL), $WS_EX_CLIENTEDGE) $lbNetAdapList = GUICtrlCreateLabel("Netzwerkadapter auswählen:", 56, 24, 142, 17) $Label1 = GUICtrlCreateLabel("", 64, 32, 4, 4) $Label2 = GUICtrlCreateLabel("IP-Adresse eingeben:", 72, 80, 105, 17) $inIPAdresse = _GUICtrlIpAddress_Create($NetworkInsert, 56, 104, 137, 21) $lbSubnetmask = GUICtrlCreateLabel("Subnetzmaske eingeben:", 64, 136, 124, 17) $inSubnetmask = _GUICtrlIpAddress_Create($NetworkInsert, 56, 160, 137, 21) $Label3 = GUICtrlCreateLabel("Standardgateway eingeben:", 56, 192, 137, 17) $inGateway = _GUICtrlIpAddress_Create($NetworkInsert, 56, 216, 137, 21) $btnAendern = GUICtrlCreateButton("Ändern", 88, 264, 75, 25) GUISetState(@SW_SHOW) #EndRegion ### END Koda GUI section ### GUICtrlSetData($cbNetAdapList, $split[8]) While 1 $nMsg = GUIGetMsg() Switch $nMsg Case $GUI_EVENT_CLOSE Exit Case $btnAendern If Not IsAdmin() Then _LogonOnUser("Adminuser", "Adminpassword", "Domainname") _EnableStatic(GUICtrlRead($cbNetAdapList), _GUICtrlIpAddress_Get($inIPAdresse), _GUICtrlIpAddress_Get($inSubnetmask)) _SetGateways(GUICtrlRead($cbNetAdapList), _GUICtrlIpAddress_Get($inGateway)) _LogOffUser() EndIf EndSwitch WEnd Func _LogonOnUser($sUsername, $sPassword, $sServer = @LogonDomain) Local $aRet Local $stToken Local $phToken Local $nError = -1 $stToken = DllStructCreate("int") $aRet = DllCall("advapi32.dll", "int", "LogonUser", _ "str", $sUsername, _ "str", $sServer, _ "str", $sPassword, _ "dword", 8, _ ; LOGON32_LOGON_NETWORK_CLEARTEXT "dword", 0, _ "ptr", DllStructGetPtr($stToken)) $phToken = DllStructGetData($stToken, 1) If Not @error And $aRet[0] <> 0 Then ;Return True ; Return True if user exists $aRet = DllCall("advapi32.dll", "int", "ImpersonateLoggedOnUser", "ptr", $phToken) If Not @error And $aRet[0] <> 0 Then ConsoleWrite("Impersonated User = " & @UserName & @CRLF) ; Do Impersonation Stuff Here _InitiatePermissionResources() ; Requires Permissions UDF Else $aet = DllCall("kernel32.dll", "int", "GetLastError") If Not @error Then $nError = $aRet[0] EndIf DllCall("kernel32.dll", "int", "CloseHandle", "ptr", $phToken) Else $aRet = DllCall("kernel32.dll", "int", "GetLastError") If Not @error Then $nError = $aRet[0] EndIf If $nError > -1 Then SetError($nError) Return 0 EndIf Return 1 EndFunc ;==>_LogOnUser Func _LogOffUser() _ClosePermissionResources() ; Requires Permissions UDF DllCall("advapi32.dll", "int", "RevertToSelf") ConsoleWrite("RevertToSelf User = " & @UserName & @CRLF) EndFunc Do you have any idea how to realize this? Thanks in Advanced! Permissions.au3Fetching info... NetworkInsert.au3Fetching info... Edited September 19, 2022 by Misuranai
AutoBert Posted September 16, 2022 Posted September 16, 2022 Can you put the links for the included files: Quote !->Includefile <Network.au3> not found. !->Includefile <Permissions.au3> not found. Expand to your post, thank's (auto)Bert
Misuranai Posted September 19, 2022 Author Posted September 19, 2022 On 9/16/2022 at 12:46 PM, AutoBert said: Can you put the links for the included files: to your post, thank's (auto)Bert Expand Hi, here are the 2 UDFs. Best regards NetworkInsert.au3Fetching info... Permissions.au3Fetching info...
Misuranai Posted September 26, 2022 Author Posted September 26, 2022 Does anyone have an idea how to solve this problem?
Danny35d Posted September 28, 2022 Posted September 28, 2022 Add the code below after the last #include. It should make your script to runas someone else. The first time the script runs $CMDLine[0] value is zero which will re-run the script as someone else and exit the first script. The second script running as someone else has the parameter /RunAs making $CMDLine[0] value one and continue with the rest of the script. #include <AutoItConstants.au3> If $CMDLine[0] = 0 Then RunAs("Username", "Domain", "Password", $RUN_LOGON_NOPROFILE, @AutoItExe & " /RunAs", @ScriptDir) Exit EndIf AutoIt Scripts:NetPrinter - Network Printer UtilityRobocopyGUI - GUI interface for M$ robocopy command line
Misuranai Posted September 30, 2022 Author Posted September 30, 2022 On 9/28/2022 at 11:14 AM, Danny35d said: Add the code below after the last #include. It should make your script to runas someone else. The first time the script runs $CMDLine[0] value is zero which will re-run the script as someone else and exit the first script. The second script running as someone else has the parameter /RunAs making $CMDLine[0] value one and continue with the rest of the script. #include <AutoItConstants.au3> If $CMDLine[0] = 0 Then RunAs("Username", "Domain", "Password", $RUN_LOGON_NOPROFILE, @AutoItExe & " /RunAs", @ScriptDir) Exit EndIf Expand Thanks for that, but it seems it doesn't work. I have put it under the includes and it doesn't even start the script.
rsn Posted September 30, 2022 Posted September 30, 2022 (edited) What I've done in the past when a user needs to be an admin is temporarily add that user to the administrators group and then remove them after it's no longer needed in the script. You'll probably still need some secondary/external apps to do it though. Depending on requirements, I've also added a single run scheduled task that runs at logoff/shutdown to make sure the user is removed from the administrators group and force the logoff or shutdown. Edited September 30, 2022 by rsn
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now