Sign in to follow this  
Followers 0
b303

Runasset And Xp Sp2

3 posts in this topic

Does anyone have any experience with RunAsSet/RunWait not working after windows sp2? To be more specific not working as a logon script? The exe runs fine if I kick it off manually, but throws this error

Error: Unable to execute the external program.

Access is denied

when it runs as a logon script. To make matters worse I pretty much know for a fact it is service pack 2. I've got several thousand machines running the program fine as pre sp2 machines. (also when I remove sp2 the program works fine!)

I tried changing the working directory, but that doesn't seem to be it. FYI, Our machines run with non admin privileges, thus the need for RunAsSet.

any information would be greatly appreciated.

Script: (changed slightly to protect the innocent)

RunAsSet("username", "domain", "mypassword")

filechangedir("c:\Windows")

Runwait("c:\windows\system32\cscript.exe \\s72010\scriptmaint\getacl.vbs", "C:\Windows")

;MsgBox(4096,"Installation", "Installed successfully.")

RunAsSet()

Mark

Share this post


Link to post
Share on other sites



Interesting article, however since I am depending on autoit to call the script for me I am stuck with whatever process internally it is using. (Not to mention that the article looks to have originated from late 2004 and does not seem to have any kind of resolution)

Am i to assume then that autoit is using the api call CreateProcessWithLogonW? Microsoft has stated that you cannot call CreateProcessWithLogonW from a process running under the LocalSystem account. This is because the function uses the logon SID in the caller token and the token for the LocalSystem account does not contain this SID. Since this is being called before logon the process definately wouldn't have a logon sid and would be run by the system.

So in short I am up the creek without a paddle? (I did read somewhere else that it might be possible with CreateProcessAsUser and LogonUser, but that would require me to rewrite the code and verify that this is even possible as a machine startup script. I liked autoit because it wasn't so bulky. Oh well.)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0