Jump to content
Sign in to follow this  


Recommended Posts


Hello, I have an application where I am required via script to perform a RunAs "SYSTEM".

My syntax is correct as far as I can tell but the windows authentication system is producing errors in the security event log.

I need to temporarily stop a service, but only the SYSTEM account has these privileges with Vscan 8.5i with Access Protection enabled.

I am running the latest version of AutoIt and here is my code:

RunAs ( "SYSTEM", "NT AUTHORITY", "",0, "C:\windows\SYSTEM32\cmd.exe" & " /c" & " C:\windows\SYSTEM32\net.exe" & " stop mcshield", "C:")

The system account has no password, therefore I believe the above code should work, but when I run this the windows security event log reports authentication failures.

Event Type: Failure Audit

Event Source: Security

Event Category: Logon/Logoff

Event ID: 529

Date: 6/30/2008

Time: 10:06:50 AM


Computer: 51536-GCCCD


Logon Failure:

Reason: Unknown user name or bad password

User Name: SYSTEM


Logon Type: 2

Logon Process: seclogon

Authentication Package: Negotiate

Workstation Name: 51536-GCCCD

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

So my question is: Is AutoIt capable of performing the RunAs with the "SYSTEM" account and if so, How?

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  


Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.