Regedit / RunAs / Current User Key

[tAKTelapis]

Hey Everyone

Figured i would edit this into proper english, i was in a real rush when i wrote it, and figured someone may be able to help.

I have installed a piece of software onto the Computer Labs on the school i work for, and as usual, have copied the profile of the user i installed it as, into the Default User profile, so that certain software settings follow.

However, when the program first runs for a user, it writes information to the HKCU\Software\ of the registry.

Student accounts do not have permission to write to the registry, so this prevents the software from running.

I have a list of all the keys which i need to create, and create an AutoIT script with a "RegWrite()" statement for each key, when ran as myself (i have admin rights) it creates the keys correctly.

If i add a RunAsSet("Administrator", @computername, "password"), The keys fail to show up, my best guess is that they are writing the the HCKU\Software registry entry for the user "Administrator" instead of the Currently Logged in User. (i have attempted this with all three possible flags, all have the same result)

My Next idea was to RuAs admin, and then:

Run("Regedit.exe /s c:\RegistryKey.reg")

Running the Regedit command with the switches via a Run prompt directly works fine, however, calling it from AutoIT in this manner fails in all cases, there is no error, the command runs, but it does not actually produce an effect, the registry information does not get added.

Anyone have any other ideas on this? anyway to elevate the currently logged in user to admin for the purpose of adding the info then removing that user from admin?

/tAK

Edited November 28, 2006 by tAKTelapis

[Steven Vandenhoute]

Is there a sollution for this mather.

I'm also trying to write to the HKCU (for the placesbars) But on my pc with my account it works fine (admin) but for the users it wouldn't works (because HKCU is not writable)

Anyone an idea?

[Jos]

What about:

- check if user has admin rights

- if not: added the current user to the Administrators group, do what needs to be done after which you remove the user id from the administrators group.

[Steven Vandenhoute]

Ok, sounds easy.

But how can I add an user to the local admin group with autoit?

I've found on autoit site some code, but there is no way to add the user to the admin group

[Jos]

Ok, sounds easy.

But how can I add an user to the local admin group with autoit?

I've found on autoit site some code, but there is no way to add the user to the admin group

Simple way is to run these commands because you can easily run it with an Account that has admin rights :

Net Localgroup Administrators "Domain\UserID" /Add

Net Localgroup Administrators "Domain\UserID" /Delete

Edited December 28, 2006 by JdeB

[Steven Vandenhoute]

problem is that the program will be running on a pc without the admin rights.

so the AD user who is working on that machine doesn't have any rights (unless the right to work )

He can start my script to change the placesbar. Everything works fine if the user had local admin rights.

If I try your example with net localgroup ...

if receive system error 5 has occured

acces is denied

but maybe I have to run this line as administrator?

[Jos]

problem is that the program will be running on a pc without the admin rights.

so the AD user who is working on that machine doesn't have any rights (unless the right to work )

He can start my script to change the placesbar. Everything works fine if the user had local admin rights.

If I try your example with net localgroup ...

if receive system error 5 has occured

acces is denied

but maybe I have to run this line as administrator?

Isn't that what I said ?

You do:

RunAsSet("admin","Domain", "Password")

RunWait(@ComSpec & " /c Net Localgroup Administrators "Domain\UserID" /Add")

RunAsSet()

RunWait("regedit.....")

RunWait(@ComSpec & " /c Net Localgroup Administrators "Domain\UserID" /Delete")

[Steven Vandenhoute]

i tried to put it all together in an script and come up with this error

the code i have for this thing

RunAsSet("adminuser", @ComputerName, "adminpass")

run("net localgroup Administrator "domain\user" /add"

RunAsSet()

maybe i' doing something wrong? I think I surely do something wrong

Sorry, didn't see that you already post something. My mistake. I will give it a try.

Edited December 28, 2006 by Steven Vandenhoute

[Jos]

i tried to put it all together in an script and come up with this error

the code i have for this thing

maybe i' doing something wrong? I think I surely do something wrong

Multiple errors in this line : run("net localgroup Administrator "domain\user" /add"

- Missing closing bracket ...(thats the error reported.

- Missing @comspec

- Should be runWait

- Wrong " mix

RunWait(@comspec & ' /c net localgroup Administrator "domain\user" /add',"",@sw_Hide)

[Steven Vandenhoute]

I think I'm stupid. Even with your lines of code I'm unable to get it right

this is the new error. And if I'm not mistaking it is the same error

[Steven Vandenhoute]

I found it.

I need to use ' instead of "

Thankx man, you gave me the sollution for my last problem

Edited December 28, 2006 by Steven Vandenhoute

[Steven Vandenhoute]

how can I use this command with a variable?

I tried to use it like this

$adminuser="user"

$adminpass="pass"

$domainuser="domain\"&@username

RunAsSet($adminuser,@ComputerName, $adminpass)

RunWait(@ComSpec & ' /c Net Localgroup Administrators $domainuser /Add')

RunAsSet()

;RunWait("regedit.....")

;RunWait(@ComSpec & " /c Net Localgroup Administrators "" /Delete")

but it would not work.

Am I doing something wrong?

Edited December 29, 2006 by Steven Vandenhoute

[Jos]

how can I use this command with a variable?

I tried to use it like this

but it would not work.

Am I doing something wrong?

Looks to me you need some basic training here ....

Concatenation of literals and variables ...

RunWait(@ComSpec & ' /c Net Localgroup Administrators ' & $domainuser & ' /Add')

[Steven Vandenhoute]

well no, I've tried it like you write it, but doesn't work

[Steven Vandenhoute]

Ok, I know what I was doing wrong. I had coded also the " before and after the domain\user and it seems that that is not necessary.

only thing what i have to find now is a way to activate the user as admin without an logoff (user is in admin group, but is not activated)

[Steven Vandenhoute]

I'm sorry to bodder you again, but what you say doesn't work (at least not for me)

If I use it with variables it doesn't work. Do I the same but hardcoded it works.

[Sundance]

Hi Steven,

i've programmed this today and it worked for me. It's based on the hint from JdeB.

You can additionally use the $AdminDomain variable for the net command.

(I've forgot this one )

greets

Sundance

#include <string.au3>

$AdminPWD       = _StringEncrypt(0,"xxxxxxxxxxxx","xxxxx")
$AdminName      = "Admin"
$AdminDomain    = "domain"
RunAsSet($AdminName,$AdminDomain,$AdminPWD)
RunWait(@ComSpec & " /c net localgroup administrators 'domain\" & @UserName & "' /add")
RunAsSet()
RunWait(@ComSpec & " /c reg import " & @ScriptDir & "\somereg.reg")
RunAsSet($AdminName,$AdminDomain,$AdminPWD)
RunWait(@ComSpec & " /c net localgroup administrators 'domain\" & @UserName & "' /delete")

Edited January 9, 2007 by Sundance

[Fme]

Hi all,

Quite new to this world,

I'd like to do the same thing but for Windows NT4 Workstation

Anybody got solution ??

Edited January 30, 2007 by Fme