Sign in to follow this  
Followers 0
Morteza

RunAS() and non-password users

11 posts in this topic

#1 ·  Posted (edited)

Dears,

Some of my system users have not any password (i.e. during log-in, no password is needed). RunAs() work for password protected users without any problem, but not for non-password protected users. I used a "" instead of password for non-password users, but the function not worked at all. What can I do?

regards

Edited by Morteza

Share this post


Link to post
Share on other sites



I think you've discovered a bug. I'm getting the same result here.

I tried both the release version and the latest beta.

I know I've done this in the past but I haven't tried in quite a while.

I created user test locally with no password and ran this, the run failed

$1 = RunAsWait("Test", @ComputerName, "", 0, @ComSpec)
MsgBox(0,"",$1 & @CR & @error)

Then I assigned the user a password ran it with the password and it worked.

Blank password again failed.

Kenny


My Contributions _StringMultiReplace PC Builders Console - Secure PDF Creator - Cisco VPN Installer MS DNS Server Backup Script - MS DHCP Backup Script IT Admin Console - Toggle Admin Mode - MyMovies-Add Discs Script - IT Help Desk and System Information Tool - Set On Lid Close Power Option - Streaming Media Server & Website "I believe that when we leave a place, part of it goes with us and part of us remains... Go anywhere, when it is quiet, and just listen.. After a while, you will hear the echoes of all our conversations, every thought and word we've exchanged.... Long after we are gone our voices will linger in these walls for as long as this place remains."

Share this post


Link to post
Share on other sites

Submitted a bug report. Ticket# 698

Kenny


My Contributions _StringMultiReplace PC Builders Console - Secure PDF Creator - Cisco VPN Installer MS DNS Server Backup Script - MS DHCP Backup Script IT Admin Console - Toggle Admin Mode - MyMovies-Add Discs Script - IT Help Desk and System Information Tool - Set On Lid Close Power Option - Streaming Media Server & Website "I believe that when we leave a place, part of it goes with us and part of us remains... Go anywhere, when it is quiet, and just listen.. After a while, you will hear the echoes of all our conversations, every thought and word we've exchanged.... Long after we are gone our voices will linger in these walls for as long as this place remains."

Share this post


Link to post
Share on other sites

Submitted a bug report. Ticket# 698

Kenny

Have you testet the OS function "runas.exe" with blank password Accounts? There are some limitations on XP and Vista with

WMI, Scheduler, sharing and other function when you use accounts with blank passwords.

Share this post


Link to post
Share on other sites

#5 ·  Posted (edited)

I'll try it now but I'm sure I've done this before.

EDIT:

Damn your right. I wonder if this got locked down by an SP or security patch

Sorry for the bad info

If you are only running this with a local account and really need it

I do have a way to make it work...depending on what your doing exactly.

Well technically it could work with domain accounts but I don't reccomend it

I have a UDF that can change windows passwords.

You could change the password to something else run your commands

and then set the password to nothing again.

Kinda crazy but just something off the top of my head.

Kenny

Edited by ken82m

My Contributions _StringMultiReplace PC Builders Console - Secure PDF Creator - Cisco VPN Installer MS DNS Server Backup Script - MS DHCP Backup Script IT Admin Console - Toggle Admin Mode - MyMovies-Add Discs Script - IT Help Desk and System Information Tool - Set On Lid Close Power Option - Streaming Media Server & Website "I believe that when we leave a place, part of it goes with us and part of us remains... Go anywhere, when it is quiet, and just listen.. After a while, you will hear the echoes of all our conversations, every thought and word we've exchanged.... Long after we are gone our voices will linger in these walls for as long as this place remains."

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

I'll try it now but I'm sure I've done this before.

EDIT:(...)If you are only running this with a local account and really need it

I do have a way to make it work...(...)

Thank you very much dear guys; ken82m & Paulchen :)

I think Paulchen is right, this is a lack in Windows. This is explained in this article by Microsoft.

However I found an utility package of Microsoft called PsTools with a utility named PsPassw for changing user passwords, but I would like to see your UDF too (My need is just on local accounts).

I will be very pleased if you share your knowledge with me :) I think working with an UDF is very better of working with an external program. o:)

Best Regards

Edited by Morteza

Share this post


Link to post
Share on other sites

Here you go.

_ResetPassword("test", "test2")

RunAsWait("Test", @ComputerName, "test2", 0, @ComSpec)

_ResetPassword("test", "")


Func _ResetPassword($sUser , $sPass)
    $WshNetwork = ObjCreate("WScript.Network") 
    $strComputer = $WshNetwork.ComputerName 
    $strComputer = "." 
    $objUser = ObjGet("WinNT://" & $strComputer & "/" & $sUser & ",user") 
    $objUser.SetPassword ($sPass)
    $objUser.SetInfo()
EndFunc

My Contributions _StringMultiReplace PC Builders Console - Secure PDF Creator - Cisco VPN Installer MS DNS Server Backup Script - MS DHCP Backup Script IT Admin Console - Toggle Admin Mode - MyMovies-Add Discs Script - IT Help Desk and System Information Tool - Set On Lid Close Power Option - Streaming Media Server & Website "I believe that when we leave a place, part of it goes with us and part of us remains... Go anywhere, when it is quiet, and just listen.. After a while, you will hear the echoes of all our conversations, every thought and word we've exchanged.... Long after we are gone our voices will linger in these walls for as long as this place remains."

Share this post


Link to post
Share on other sites

Sometimes the following regkey can help. But this key can be a securityrisk.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

limitblankpassworduse=dword:1

Share this post


Link to post
Share on other sites

NICE!!! just changed it to 0 and it worked.

That ones going in my notes now :)

Haven't seen it documented anywhere how did you come up with that one?

Script could just change it to 0 issue the runas and change it back to 1

Kenny


My Contributions _StringMultiReplace PC Builders Console - Secure PDF Creator - Cisco VPN Installer MS DNS Server Backup Script - MS DHCP Backup Script IT Admin Console - Toggle Admin Mode - MyMovies-Add Discs Script - IT Help Desk and System Information Tool - Set On Lid Close Power Option - Streaming Media Server & Website "I believe that when we leave a place, part of it goes with us and part of us remains... Go anywhere, when it is quiet, and just listen.. After a while, you will hear the echoes of all our conversations, every thought and word we've exchanged.... Long after we are gone our voices will linger in these walls for as long as this place remains."

Share this post


Link to post
Share on other sites

It is indeed a very nice find. I guess really changing it immediately before and after calling the runas() command. for safety purposes.


[right]~What can I say, I'm a Simplistic person[/right]

Share this post


Link to post
Share on other sites

Sometimes the following regkey can help. But this key can be a securityrisk.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

limitblankpassworduse=dword:1

:) Very excellent info :)

Before your kindness, I wrote 3 program for solving this problem!. Now, all of them are in trashcan o:)

Best Regards

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0