Misuranai Posted September 16, 2022 Share Posted September 16, 2022 (edited) Hi, I would like to run an autoit script as another user with more rights than my current user with normal user rights. The script should change the static ip-address of an ethernet network adapter. It works also fine with my user (because I am local admin) but the script is written for someone who doesn't have local admin rights. I already looked up into the "RunAs"-Command but I didn't want to run another programme as another user. I want to run the inside script as another user (same file). This is my code but it doesn't work as I imagine: expandcollapse popup#RequireAdmin #include <ButtonConstants.au3> #include <ComboConstants.au3> #include <EditConstants.au3> #include <GUIConstantsEx.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> #include <Array.au3> #include <Network.au3> #include <GuiIPAddress.au3> #include <AutoItConstants.au3> #include <Permissions.au3> $infos = _GetNetworkAdapterInfos("Ethernet") $aRtoString = _ArrayToString($infos) $split = StringSplit($aRtoString, "|") #Region ### START Koda GUI section ### Form= $NetworkInsert = GUICreate("Network Insert", 248, 312, 192, 124) $cbNetAdapList = GUICtrlCreateCombo("", 56, 48, 137, 25, BitOR($CBS_DROPDOWN,$CBS_AUTOHSCROLL), $WS_EX_CLIENTEDGE) $lbNetAdapList = GUICtrlCreateLabel("Netzwerkadapter auswählen:", 56, 24, 142, 17) $Label1 = GUICtrlCreateLabel("", 64, 32, 4, 4) $Label2 = GUICtrlCreateLabel("IP-Adresse eingeben:", 72, 80, 105, 17) $inIPAdresse = _GUICtrlIpAddress_Create($NetworkInsert, 56, 104, 137, 21) $lbSubnetmask = GUICtrlCreateLabel("Subnetzmaske eingeben:", 64, 136, 124, 17) $inSubnetmask = _GUICtrlIpAddress_Create($NetworkInsert, 56, 160, 137, 21) $Label3 = GUICtrlCreateLabel("Standardgateway eingeben:", 56, 192, 137, 17) $inGateway = _GUICtrlIpAddress_Create($NetworkInsert, 56, 216, 137, 21) $btnAendern = GUICtrlCreateButton("Ändern", 88, 264, 75, 25) GUISetState(@SW_SHOW) #EndRegion ### END Koda GUI section ### GUICtrlSetData($cbNetAdapList, $split[8]) While 1 $nMsg = GUIGetMsg() Switch $nMsg Case $GUI_EVENT_CLOSE Exit Case $btnAendern If Not IsAdmin() Then _LogonOnUser("Adminuser", "Adminpassword", "Domainname") _EnableStatic(GUICtrlRead($cbNetAdapList), _GUICtrlIpAddress_Get($inIPAdresse), _GUICtrlIpAddress_Get($inSubnetmask)) _SetGateways(GUICtrlRead($cbNetAdapList), _GUICtrlIpAddress_Get($inGateway)) _LogOffUser() EndIf EndSwitch WEnd Func _LogonOnUser($sUsername, $sPassword, $sServer = @LogonDomain) Local $aRet Local $stToken Local $phToken Local $nError = -1 $stToken = DllStructCreate("int") $aRet = DllCall("advapi32.dll", "int", "LogonUser", _ "str", $sUsername, _ "str", $sServer, _ "str", $sPassword, _ "dword", 8, _ ; LOGON32_LOGON_NETWORK_CLEARTEXT "dword", 0, _ "ptr", DllStructGetPtr($stToken)) $phToken = DllStructGetData($stToken, 1) If Not @error And $aRet[0] <> 0 Then ;Return True ; Return True if user exists $aRet = DllCall("advapi32.dll", "int", "ImpersonateLoggedOnUser", "ptr", $phToken) If Not @error And $aRet[0] <> 0 Then ConsoleWrite("Impersonated User = " & @UserName & @CRLF) ; Do Impersonation Stuff Here _InitiatePermissionResources() ; Requires Permissions UDF Else $aet = DllCall("kernel32.dll", "int", "GetLastError") If Not @error Then $nError = $aRet[0] EndIf DllCall("kernel32.dll", "int", "CloseHandle", "ptr", $phToken) Else $aRet = DllCall("kernel32.dll", "int", "GetLastError") If Not @error Then $nError = $aRet[0] EndIf If $nError > -1 Then SetError($nError) Return 0 EndIf Return 1 EndFunc ;==>_LogOnUser Func _LogOffUser() _ClosePermissionResources() ; Requires Permissions UDF DllCall("advapi32.dll", "int", "RevertToSelf") ConsoleWrite("RevertToSelf User = " & @UserName & @CRLF) EndFunc Do you have any idea how to realize this? Thanks in Advanced! Permissions.au3 NetworkInsert.au3 Edited September 19, 2022 by Misuranai Link to comment Share on other sites More sharing options...
AutoBert Posted September 16, 2022 Share Posted September 16, 2022 Can you put the links for the included files: Quote !->Includefile <Network.au3> not found. !->Includefile <Permissions.au3> not found. to your post, thank's (auto)Bert Link to comment Share on other sites More sharing options...
Misuranai Posted September 19, 2022 Author Share Posted September 19, 2022 On 9/16/2022 at 2:46 PM, AutoBert said: Can you put the links for the included files: to your post, thank's (auto)Bert Hi, here are the 2 UDFs. Best regards NetworkInsert.au3 Permissions.au3 Link to comment Share on other sites More sharing options...
Misuranai Posted September 26, 2022 Author Share Posted September 26, 2022 Does anyone have an idea how to solve this problem? Link to comment Share on other sites More sharing options...
Danny35d Posted September 28, 2022 Share Posted September 28, 2022 Add the code below after the last #include. It should make your script to runas someone else. The first time the script runs $CMDLine[0] value is zero which will re-run the script as someone else and exit the first script. The second script running as someone else has the parameter /RunAs making $CMDLine[0] value one and continue with the rest of the script. #include <AutoItConstants.au3> If $CMDLine[0] = 0 Then RunAs("Username", "Domain", "Password", $RUN_LOGON_NOPROFILE, @AutoItExe & " /RunAs", @ScriptDir) Exit EndIf AutoIt Scripts:NetPrinter - Network Printer UtilityRobocopyGUI - GUI interface for M$ robocopy command line Link to comment Share on other sites More sharing options...
Misuranai Posted September 30, 2022 Author Share Posted September 30, 2022 On 9/28/2022 at 1:14 PM, Danny35d said: Add the code below after the last #include. It should make your script to runas someone else. The first time the script runs $CMDLine[0] value is zero which will re-run the script as someone else and exit the first script. The second script running as someone else has the parameter /RunAs making $CMDLine[0] value one and continue with the rest of the script. #include <AutoItConstants.au3> If $CMDLine[0] = 0 Then RunAs("Username", "Domain", "Password", $RUN_LOGON_NOPROFILE, @AutoItExe & " /RunAs", @ScriptDir) Exit EndIf Thanks for that, but it seems it doesn't work. I have put it under the includes and it doesn't even start the script. Link to comment Share on other sites More sharing options...
rsn Posted September 30, 2022 Share Posted September 30, 2022 (edited) What I've done in the past when a user needs to be an admin is temporarily add that user to the administrators group and then remove them after it's no longer needed in the script. You'll probably still need some secondary/external apps to do it though. Depending on requirements, I've also added a single run scheduled task that runs at logoff/shutdown to make sure the user is removed from the administrators group and force the logoff or shutdown. Edited September 30, 2022 by rsn Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now