Jump to content

runas access is denied

Milas

By Milas
in AutoIt General Help and Support

 Share

Recommended Posts

Milas Seeker

Milas

Posted
Posted

Hey guys,

         for some reason when I run this command with run as in autoit it returns access is denied. but when I run the same thing in an elevated command shell it works fine. Im not sure where I am messing up. 

global $rtech,$rcred, $IP
    $rtech = inputbox("","username")
    $rcred = InputBox("","password")
    $ip = inputbox("","enter IP")
    $pid = Runas ($rtech,"mhs", $rcred, 2 ,@ComSpec & ' /c reg query \\' & $ip & '"\hklm\software\microsoft\windows\currentversion\group policy\state\machine"|findstr /i "disting"', @SystemDir, @SW_hide, $STDERR_CHILD + $STDOUT_CHILD)
    Local $line
    While 1
        $line &= StdoutRead($pid)
        If @error Then ExitLoop
    WEnd
    While 1
        $line &= StderrRead($pid)
        If @error Then ExitLoop
    WEnd
    MsgBox(0, "", $line)

 

Milas Seeker

Milas

Posted
  • Author
Posted (edited)

@JohnOne I had #RequireAdmin at the start of the GUI this was a part of and then I ran into the issue that everything the GUI ran it did with admin when I needed functions to run as the logged in user. So then I added the input boxes for admin and password and now some functions do not work.

@Jos I have used RunAs() with 0,1,2,and 4 and it all fails.

Whats blowing my mind is that almost every function uses this same format. All my "wmic" functions work fine. for example:

$pid = Runas ($rtech,"mhs", $rcred, 2 ,@ComSpec & " /c wmic /node:" & GUICtrlRead($IP) & " computersystem get name", @SystemDir, @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD)

_The above works great_

Here are the facts:

All my format for commands remain the same throughout

All commands can be put into cmd and run successfully

All commands work when #RequireAdmin is included instead of starting with " Runas ($rtech,"mhs", $rcred...)

Wmic commands all run successfully

getmac /s command runs successfully

net user commands fail with "Access Denied"

reg query commands fail with "Access Denied"

 

Solution will be to find whats different about the wmic/getmac and the reg query/net user commands

 

Edited by Milas
AdamUL Universalist

AdamUL

Posted
Posted

RunAs does not give process that is run the Admin Token.  It only runs the process as the specified user.  #RequireAdmin request the Admin Token.  There are ways to do without using #RequireAdmin, but it will require re-execution of your script, or a secondary script called by the main script.  Here are a few threads that may help.

 

 

Here are some additional threads.  

https://www.google.com/search?q=site:www.autoitscript.com+runas+admin

You can do this without storing credentials in the script.  I just depends on how you want to organize your script to get it done.

 

Adam

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...