DeltaRocked Posted December 7, 2011 Posted December 7, 2011 Hello, In this forum many of you have asked about executing a process with elevated privileges i.e. executing a process as "system". The most common answer being "execute the process as Service" or Schedule a job. Dim $time = @HOUR & ':' & @MIN + 2 Run(@ComSpec & ' /c at ' & $time & ' /interactive c:\WINDOWS\system32\calc.exe"', @ScriptDir, @SW_HIDE) On some systems executing "at" will give access denied. then you will have to consider using psexec -s -i -d "path_to_calc.exe" Regards DeltaRocked
Mikeman27294 Posted December 7, 2011 Posted December 7, 2011 Another way of executing with elevated privileges is to use the #RequireAdmin command at the beginning of the script. It's not quite system but it is elevated privileges.
DeltaRocked Posted January 25, 2012 Author Posted January 25, 2012 (edited) A new addition: eventtriggers.exe found in almost all systems right from win 2000 . C:Documents and SettingsTEMP>eventtriggers /create /? C:Documents and SettingsTEMP>eventtriggers /? you can also run the task as a system user. expandcollapse popupC:Documents and SettingsTEMP>eventtriggers /create /? EVENTTRIGGERS /Create [/S system [/U username [/P [password]]]] /TR triggername /TK taskname [/D description] [/L log] { [/EID id] [/T type] [/SO source] } [/RU username [/RP [password]]] Description: Creates a new Event Trigger that will monitor and act upon the occurrence of NT Log Events of a given criteria. NOTE: Using /EID, /T and /SO together act as a series of AND's. Parameter List: /S system Specifies the remote system to connect to. /U [domain]user Specifies the user context under which the command should execute. /P [password] Specifies the password for the given user context. /TR triggername Specifies a unique name to associate with the new Event Trigger. /TK taskname Specifies the task to execute when the Event Trigger conditions are met. /D description Specifies the description of the Event Trigger. /L log Specifies the NT Event Log(s) to monitor. Valid types include: Application, System, Security, DNS Server Log and Directory Log. The wildcard "*" may be used and the default value is "*". /EID id Specifies the Event ID that the Event Trigger should monitor and act upon. /T type Specifies an Event Type that the trigger should monitor. Valid values include: "ERROR", "INFORMATION", "WARNING", "SUCCESSAUDIT" and "FAILUREAUDIT". /SO source Specifies the Event Source the Event Trigger should monitor. /RU username Specifies the user account under which the task runs. For the "SYSTEM" account the value must be "". /RP [password] Specifies the password for the "run as" user. This password will be ignored for the "SYSTEM" account. /? Displays this help message. Examples: EVENTTRIGGERS /Create /? EVENTTRIGGERS /Create /TR "Disk Cleanup" /L SYSTEM /T ERROR /TK C:\Windows\System32\cleanmgr.exe EVENTTRIGGERS /Create /S system /U user /TR "Low Disk Space" /EID 99 /SO "WinWord" /T ERROR /TK srvsharedsk.cmd EVENTTRIGGERS /Create /S system /U domainuser /P password /TR "Disk Backup" /EID 4133 /L SYSTEM /T ERROR /TK systemsharentbackup.exe EVENTTRIGGERS /Create /RU user /RP password /TR "Disk Backup" /TK systemsharentbackup.exe /EID 4 /D "This will start disk backup services." Edited July 3, 2012 by deltarocked
Graywalker Posted January 25, 2012 Posted January 25, 2012 (edited) I had a tough time when my company converted to Windoze 7 because of this issue. Using psexec is an option if you want to run the program immediatly, but I really didn't want to be that limited and I didn't want to use an external app. Also, the Windows 7 "Do you want to run this" popup is hard to avoid. So, I wrote and have thoroughly tested a script that runs programs with elevated rights on remote Windows 7 computers without a popup - and I just wedged a time adjustment in there yesterday. It uses schtasks. schtasks is a lot more complicated and a bit more mis-documented than AT, but its also more flexible and powerful - and more appropriate for Windows 7 systems. Here is the function code that I use : expandcollapse popupFunc RunProgram($strPCName, $pcc) Dim $Command, $Results = "", $Line, $et, $TName $copyfile = FileCopy($program, "" & $strPCName & "c$temp" & $progarray[$last], 9) $TName = StringTrimRight($progarray[$last], 4) If $copyfile = 1 Then _GetTime() $runtime = @MON & "/" & @MDAY & "/" & @YEAR & " " & $time ;MsgBox(0, "Run Time", $runtime & @CRLF & $et) $Command = 'schtasks /Create /S ' & $strPCName & ' /RU ' & $UserName & ' /RP ' & $Paswrd & ' /SC ONCE /TN ' & _ $TName & ' /TR "' & $CommandLine & '" /ST ' & $time & ' /RL HIGHEST /F' ; /ST ' & $time & ' /ET ' & $et & ' ;/ET ' & $et & ' ;MsgBox(0,"Command",$Command) ;FileWriteLine($LogFile,$Command) $runAt = Run(@ComSpec & ' /c "' & $Command & '"', "", @SW_HIDE, $STDOUT_CHILD) While 1 $Line = StdoutRead($runAt) If @error Then ExitLoop If $Line <> "" Then $Results = $Results & " " & $Line EndIf WEnd FileWriteLine($LogFile, $strPCName & "," & $time & "," & $Results) Else ;FileWriteLine($LogFile, $strPCName & ",Run Program Results,Error Copying File," & $progarray[$last] & " ,Error:," & $copyfile) If FileExists("" & $strPCName & "c$temp" & $progarray[$last]) Then _GetTime() $runtime = @MON & "/" & @MDAY & "/" & @YEAR & " " & $time ;MsgBox(0, "Run Time Else", $runtime & @CRLF & $et) $Command = 'schtasks /Create /S ' & $strPCName & ' /RU ' & $UserName & ' /RP ' & $Paswrd & ' /SC ONCE /TN ' & _ $TName & ' /TR "' & $CommandLine & '" /ST ' & $time & ' /RL HIGHEST /F' ;/ST ' & $time & ' /ET ' & $et & ' /RI 599940 ;/ET ' & $et & ' ;MsgBox(0,"Command Else",$Command) ;FileWriteLine($LogFile,$Command) $runAt = Run(@ComSpec & ' /c "' & $Command & '"', "", @SW_HIDE, $STDOUT_CHILD) While 1 $Line = StdoutRead($runAt) If @error Then ExitLoop If $Line <> "" Then $Results = $Results & " " & $Line EndIf WEnd FileWriteLine($LogFile, $strPCName & "," & $time & "," & $Results) Else FileWriteLine($LogFile, $strPCName & _ ",Run Program Results,Scheduled task not created. Could not copy or find file on endpoint.") EndIf EndIf EndFunc ;==>RunProgram ; because schtasks is so picky about it's time format... Func _GetTime() If @MIN > 55 Then If StringLen(@HOUR) < 2 Then If @HOUR = "9" Then $Hour = (@HOUR + 1) Else $Hour = "0" & (@HOUR + 1) EndIf Else $Hour = (@HOUR + 1) EndIf If $Hour > 23 Then $Hour = "01" EndIf $time = $Hour & ":02" Else If StringLen(@HOUR) < 2 Then $Hour = "0" & @HOUR Else $Hour = @HOUR EndIf If StringLen((@MIN + 2)) < 2 Then $Minu = "0" & (@MIN + 2) Else $Minu = (@MIN + 2) EndIf If $Hour > 23 Then $Hour = "01" EndIf $time = $Hour & ":" & $Minu EndIf ; Just spliced this in to be able to schedule the task to run at night... or any time... $userTime = InputBox("Run Later?","Run at Time (24hr Format)",$time) $time = $userTime EndFunc ;==>_GetTime $TName is a task name. I pull it from the $CommandLine, which is the program to run. So, if the program is installgame.exe the task name is installgame. I select the program to run using : expandcollapse popup$program = FileOpenDialog("Select Program to Launch", "c:temp", "Executable Files (*.bat;*.exe;*.msi;*.msp)", 3, "runthis.exe") Select Case @error = 1 MsgBox(0, "Nnnnnnnnttt", "File selection Failed") Exit Case @error = 2 MsgBox(0, "Nnnnnnnnnntttt", "Bad file filter") Exit EndSelect $progarray = StringSplit($program, "") $last = $progarray[0] $launchfile = FileExists($program) If $launchfile = 0 Then MsgBox(0, "File not found", "The program to launch was not found, please check location and try again.") Exit ;Return 0 EndIf ; Check for any arguements the program needs $args = InputBox("Arguements", "Any arguements the program needs to run?", "None") Select Case StringInStr($progarray[$last], ".msi") If $args = "None" Then Global $CommandLine = "MsiExec.exe /I c:temp" & $progarray[$last] Else Global $CommandLine = "MsiExec.exe /I c:temp" & $progarray[$last] & " " & $args EndIf Case StringInStr($progarray[$last], ".msp") If $args = "None" Then Global $CommandLine = "MsiExec.exe /P c:temp" & $progarray[$last] & " REINSTALL=ALL REINSTALLMODE=amus" Else Global $CommandLine = "MsiExec.exe /P c:temp" & $progarray[$last] & " " & $args & " REINSTALL=ALL REINSTALLMODE=amus" EndIf Case Else If $args = "None" Then Global $CommandLine = "c:temp" & $progarray[$last] Else Global $CommandLine = "c:temp" & $progarray[$last] & " " & $args EndIf EndSelect I always copy the file to the endpoint, because it is always best to run a program, especially installs, from the local machine. Also, I usually run scripts I've written that put a log file in their folder, so its always easier to check the log file on the endpoint - in the temp directory. I just used this to schedule updates for Acrobat Standard from the install 9.0 up to patch level 9.4.6 on 10 desktops across three states. ( They all ran and Acrobat is updated this morning, even on the 7 windows 7 machines, so it works. Might not be pretty, but it works. ) Oh, yes, using your user name and password is necessary. Whatever account you use must be an administrator on the computer. AT just used the account you were logged on under as your account, but schtasks doesn't seem to do that. And you have to be sure that the secondary logon service is running on the remote computer before schtasks will work properly. Increased security almost always means decreased functionality and a harder time for Systems Administrators. Edited January 25, 2012 by Graywalker
DeltaRocked Posted July 11, 2012 Author Posted July 11, 2012 Another great script by PhoeniXL which uses psexec (within autoit script) and combined it with trancexx's runbinary from memory.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now