[SOLVED] Open a network location without mapping

[BlackHoleSun]

Is there a way to open a network location as another user by impersonating them, but without mapping a drive? This is for Win7 only. I really just want to open an explorer window with the share that the user has access to, but a normal admin (non-domain admins) don't.

This doesn't work:

RunAs(user, domain, password, 0, "explorer.exe \\server\share")

Edited April 19, 2012 by BlackHoleSun

[BlackHoleSun]

Looking through the help files, it seems like one of the 3 _WinNet_AddConnection functions might help, but the $iOptions are throwing me off to get the user prompted for the username/password. Does anyone have experience with these functions?

[BlackHoleSun]

Anyone have any ideas on this?

[MrMitchell]

Have you tried yet?

If the user has access to it the user should just be able to navigate straight to the folder without Windows asking for credentials. In this case, try just the ShellExecute() line below, but adjust $sServerShare. I'm on Win7 in a Domain environment, but not an admin, and it worked fine for me.

#include <WinNet.au3>
$sServerShare = "servershare"
_WinNet_AddConnection2(0, $sServerShare, "username", "password", 1)
ShellExecute("explorer.exe", $sServerShare)

[BlackHoleSun]

The share I'm trying to connect to is the users profile directory, so normal admins wouldn't have access to that. Only enterprise admins and the users do, that's why I need to authenticate as the user.

I have an If Then statement for the result of the add connection and it keeps showing as being False.

[BlackHoleSun]

OK, I tried intentionally using a bad password and then check AD. It doesn't show now as being the last bad password time, so for some reason it's not actually authenticating with what I'm giving it. I don't know if it's a DLL problem or UDF one.

[lowray1975]

If the user who is running the script has already authenticated to the server in which the share is located on it's you typically cannot authenticate as another user account. What happens when you try to authenticate from the command line as that user? Troubleshoot by removing Autoit.

[BlackHoleSun]

I can authenticate fine to the server through the command prompt.

I copied the function into my code directly so I can output some of the strings. What I noticed is that no matter what I input for the password, the hex it turns it into always stays the same.

[MrMitchell]

So let's recap real quick...

You and UserA are both using Win7 on a domain?

Both you and UserA are regular users as opposed to domain admins?

Perhaps you're a local admin on your own machine but don't think that really makes a difference.

UserA created a share to his profile directory?

You need to authenticate as that user from your machine to access the share on UserA's machine?

You are able to create the connection at the command line?

You are unable to create the connection in AutoIt using _WinNet_AddConnection2()?

With AutoIt are you specifying "domainusername" as the username or just "username"? How about with the command line?

[BlackHoleSun]

So let's recap real quick...

You and UserA are both using Win7 on a domain?

Yes

Both you and UserA are regular users as opposed to domain admins?

I am a normal non-domain admin, UserA is a regular user

Perhaps you're a local admin on your own machine but don't think that really makes a difference.

See above

UserA created a share to his profile directory?

This is the roaming profile share for UserA

You need to authenticate as that user from your machine to access the share on UserA's machine?

Even though I'm an admin, I don't have access to user profile shares

You are able to create the connection at the command line?

I can connect a drive using NET USE in a command prompt, yes

You are unable to create the connection in AutoIt using _WinNet_AddConnection2()?

Correct, I cannot connect using _WinNet_AddConnection2

With AutoIt are you specifying "domainusername" as the username or just "username"? How about with the command line?

Yes, I'm specifying "domainuser" Edited April 19, 2012 by BlackHoleSun

[MrMitchell]

So I tried specifying 0 as $sLocalName in the _WinNet_AddConnection2() function and it wouldn't connect.

I tried again by specifying "" (two double quotes/empty string) as $sLocalName and it worked. So here's the final code:

$sServer = 'server'
$sShare = 'C$'
$sUsername = 'domainuser'
$sPassword = 'password'
$sServerShare = '' & $sServer & '' & $sShare
$result = _WinNet_AddConnection2("", $sServerShare, $sUsername, $sPassword, 1)
If $result Then
ShellExecute("explorer.exe", $sServerShare)
Else
ConsoleWrite("Unable to connect to " & $sServerShare & @CRLF)
EndIf

[BlackHoleSun]

I can't do anything but shake my head at that fix. It does work with me though and tested fine with good/bad passwords and the error handling I have works fine.

Thank you so much!

[MrMitchell]

I can't do anything but shake my head at that fix. It does work with me though and tested fine with good/bad passwords and the error handling I have works fine.

Thank you so much!

No problem...The Help File says to use a device name or a 0. The MSDN documentation says to use NULL or empty string. I don't know how to specify NULL but empty string works. Using Default didn't work either. Here's that part of the doc...

lpLocalName

A pointer to a null-terminated string that specifies the name of a local device to redirect, such as "F:" or "LPT1". The string is treated in a case-insensitive manner.

If the string is empty, or if lpLocalName is NULL, the function makes a connection to the network resource without redirecting a local device.

[jriker1]

On ‎4‎/‎19‎/‎2012 at 1:45 PM, MrMitchell said:

 

$sServer = 'server'
$sShare = 'C$'
$sUsername = 'domainuser'
$sPassword = 'password'
$sServerShare = '' & $sServer & '' & $sShare
$result = _WinNet_AddConnection2("", $sServerShare, $sUsername, $sPassword, 1)
If $result Then
ShellExecute("explorer.exe", $sServerShare)
Else
ConsoleWrite("Unable to connect to " & $sServerShare & @CRLF)
EndIf

Does the above work?  I'm getting an invalid function on the $results= line.

 

Thanks.

JR

[Jos]

... and you did open the helpfile and checked what the requirements are for: ?

 _WinNet_AddConnection2()

You probably didn't add the line to include the file containing the UDF.

Jos

[HeiWoMa]

On 11/17/2018 at 5:12 PM, jriker1 said:

$sServerShare = '' & $sServer & '' & $sShare

Should be: $sServerShare = '\\' & $sServer & '\' & $sShare
then it should work.