BlackHoleSun Posted April 10, 2012 Share Posted April 10, 2012 (edited) Is there a way to open a network location as another user by impersonating them, but without mapping a drive? This is for Win7 only. I really just want to open an explorer window with the share that the user has access to, but a normal admin (non-domain admins) don't. This doesn't work: RunAs(user, domain, password, 0, "explorer.exe \\server\share") Edited April 19, 2012 by BlackHoleSun Link to comment Share on other sites More sharing options...
BlackHoleSun Posted April 10, 2012 Author Share Posted April 10, 2012 Looking through the help files, it seems like one of the 3 _WinNet_AddConnection functions might help, but the $iOptions are throwing me off to get the user prompted for the username/password. Does anyone have experience with these functions? Link to comment Share on other sites More sharing options...
BlackHoleSun Posted April 17, 2012 Author Share Posted April 17, 2012 Anyone have any ideas on this? Link to comment Share on other sites More sharing options...
MrMitchell Posted April 17, 2012 Share Posted April 17, 2012 Have you tried yet? If the user has access to it the user should just be able to navigate straight to the folder without Windows asking for credentials. In this case, try just the ShellExecute() line below, but adjust $sServerShare. I'm on Win7 in a Domain environment, but not an admin, and it worked fine for me. #include <WinNet.au3> $sServerShare = "servershare" _WinNet_AddConnection2(0, $sServerShare, "username", "password", 1) ShellExecute("explorer.exe", $sServerShare) Link to comment Share on other sites More sharing options...
BlackHoleSun Posted April 18, 2012 Author Share Posted April 18, 2012 The share I'm trying to connect to is the users profile directory, so normal admins wouldn't have access to that. Only enterprise admins and the users do, that's why I need to authenticate as the user. I have an If Then statement for the result of the add connection and it keeps showing as being False. Link to comment Share on other sites More sharing options...
BlackHoleSun Posted April 18, 2012 Author Share Posted April 18, 2012 OK, I tried intentionally using a bad password and then check AD. It doesn't show now as being the last bad password time, so for some reason it's not actually authenticating with what I'm giving it. I don't know if it's a DLL problem or UDF one. Link to comment Share on other sites More sharing options...
lowray1975 Posted April 18, 2012 Share Posted April 18, 2012 If the user who is running the script has already authenticated to the server in which the share is located on it's you typically cannot authenticate as another user account. What happens when you try to authenticate from the command line as that user? Troubleshoot by removing Autoit. Link to comment Share on other sites More sharing options...
BlackHoleSun Posted April 19, 2012 Author Share Posted April 19, 2012 I can authenticate fine to the server through the command prompt. I copied the function into my code directly so I can output some of the strings. What I noticed is that no matter what I input for the password, the hex it turns it into always stays the same. Link to comment Share on other sites More sharing options...
MrMitchell Posted April 19, 2012 Share Posted April 19, 2012 So let's recap real quick... You and UserA are both using Win7 on a domain? Both you and UserA are regular users as opposed to domain admins? Perhaps you're a local admin on your own machine but don't think that really makes a difference. UserA created a share to his profile directory? You need to authenticate as that user from your machine to access the share on UserA's machine? You are able to create the connection at the command line? You are unable to create the connection in AutoIt using _WinNet_AddConnection2()? With AutoIt are you specifying "domainusername" as the username or just "username"? How about with the command line? Link to comment Share on other sites More sharing options...
BlackHoleSun Posted April 19, 2012 Author Share Posted April 19, 2012 (edited) So let's recap real quick...You and UserA are both using Win7 on a domain?YesBoth you and UserA are regular users as opposed to domain admins?I am a normal non-domain admin, UserA is a regular userPerhaps you're a local admin on your own machine but don't think that really makes a difference.See aboveUserA created a share to his profile directory?This is the roaming profile share for UserAYou need to authenticate as that user from your machine to access the share on UserA's machine?Even though I'm an admin, I don't have access to user profile sharesYou are able to create the connection at the command line?I can connect a drive using NET USE in a command prompt, yesYou are unable to create the connection in AutoIt using _WinNet_AddConnection2()?Correct, I cannot connect using _WinNet_AddConnection2With AutoIt are you specifying "domainusername" as the username or just "username"? How about with the command line?Yes, I'm specifying "domainuser" Edited April 19, 2012 by BlackHoleSun Link to comment Share on other sites More sharing options...
MrMitchell Posted April 19, 2012 Share Posted April 19, 2012 So I tried specifying 0 as $sLocalName in the _WinNet_AddConnection2() function and it wouldn't connect. I tried again by specifying "" (two double quotes/empty string) as $sLocalName and it worked. So here's the final code: $sServer = 'server' $sShare = 'C$' $sUsername = 'domainuser' $sPassword = 'password' $sServerShare = '' & $sServer & '' & $sShare $result = _WinNet_AddConnection2("", $sServerShare, $sUsername, $sPassword, 1) If $result Then ShellExecute("explorer.exe", $sServerShare) Else ConsoleWrite("Unable to connect to " & $sServerShare & @CRLF) EndIf Reg2Post 1 Link to comment Share on other sites More sharing options...
BlackHoleSun Posted April 19, 2012 Author Share Posted April 19, 2012 I can't do anything but shake my head at that fix. It does work with me though and tested fine with good/bad passwords and the error handling I have works fine. Thank you so much! Link to comment Share on other sites More sharing options...
MrMitchell Posted April 19, 2012 Share Posted April 19, 2012 I can't do anything but shake my head at that fix. It does work with me though and tested fine with good/bad passwords and the error handling I have works fine.Thank you so much!No problem...The Help File says to use a device name or a 0. The MSDN documentation says to use NULL or empty string. I don't know how to specify NULL but empty string works. Using Default didn't work either. Here's that part of the doc...lpLocalNameA pointer to a null-terminated string that specifies the name of a local device to redirect, such as "F:" or "LPT1". The string is treated in a case-insensitive manner.If the string is empty, or if lpLocalName is NULL, the function makes a connection to the network resource without redirecting a local device. Link to comment Share on other sites More sharing options...
jriker1 Posted November 17, 2018 Share Posted November 17, 2018 On 4/19/2012 at 1:45 PM, MrMitchell said: $sServer = 'server' $sShare = 'C$' $sUsername = 'domainuser' $sPassword = 'password' $sServerShare = '' & $sServer & '' & $sShare $result = _WinNet_AddConnection2("", $sServerShare, $sUsername, $sPassword, 1) If $result Then ShellExecute("explorer.exe", $sServerShare) Else ConsoleWrite("Unable to connect to " & $sServerShare & @CRLF) EndIf Does the above work? I'm getting an invalid function on the $results= line. Thanks. JR Link to comment Share on other sites More sharing options...
Developers Jos Posted November 17, 2018 Developers Share Posted November 17, 2018 ... and you did open the helpfile and checked what the requirements are for: ? _WinNet_AddConnection2() You probably didn't add the line to include the file containing the UDF. Jos SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past. Link to comment Share on other sites More sharing options...
HeiWoMa Posted January 10, 2020 Share Posted January 10, 2020 On 11/17/2018 at 5:12 PM, jriker1 said: $sServerShare = '' & $sServer & '' & $sShare Should be: $sServerShare = '\\' & $sServer & '\' & $sShare then it should work. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now