VB Scripts and UAC elevation

Vikas BhatExperienced IT Infrastructure Services/operations Manager
CERTIFIED EXPERT
I have 13 years of experience as an IT Operations & Services Manager. I am expert in  IT Operations & IT Infrastructure
Published:
Updated:
With User Account Control (UAC) enabled in Windows 7, one needs to open an elevated Command Prompt in order to run scripts under administrative privileges. Although the elevated Command Prompt accomplishes the task, the question How to run as script under elevated privileges/admin privileges
With User Account Control (UAC) enabled in Windows 7, one needs to open an elevated Command Prompt in order to run scripts under administrative privileges. Although the elevated Command Prompt accomplishes the task, the question How to run as script under elevated privileges/admin privileges
1. without using the Command Prompt?
2. without user being admin on machine?
We can achieve the same by GPO which can deploy application etc. using system account but it doesn’t solve the purpose where only selected users need to install applications with no admin rights on machine.
Scenario in my organization
We have intranet site in our organization with downloads page for installation of any software’s for users.
Downloads page has a link to .vbs script which installs the software from local available repository when users click on the link
Problem is that users with no admin rights on local machine cannot install software especially in windows 7 as most of our users have been migrated to windows 7 with no administrator rights.
Solution:
We created a script which can install the software on any machine with no admin privileges
We encoded the final script to protect from users
Below is the script:
******************************************************************
Option Explicit
Dim MyArr, i, IPaddress, tstr, Subnet2, Subnet3
Dim SCSserver,MapPath,oWshShell
Dim strArgs, strAdminUser, strAdminPass
Dim objFSO, wshNetwork, strComputer, objShell, strCommand
Set objFSO = WScript.CreateObject(“Scripting.FileSystemObject”)
Set wshNetwork = WScript.CreateObject(“WScript.Network”)
Set objShell = WScript.CreateObject(“WScript.Shell”)
‘Enter your domain admin user id/password or account with admin privelliges on your organisation machines
strAdminUser = “domain\userid”
strAdminPass = “password”
Dim WSHShell
Dim objNTInfo
Dim GetComputerName
Set objNTInfo = CreateObject(“WinNTSystemInfo”)
GetComputerName = lcase(objNTInfo.ComputerName)
Set WSHShell = WScript.CreateObject(“WScript.Shell”)
If WScript.Arguments.Count < 1 Then
Call Normal_User_Commands
ElseIf WScript.Arguments(0) = “AsAdmin” Then
Call Admin_User_Commands
Else
MsgBox “Unknown Argument received”
End If
Sub Normal_User_Commands
‘MsgBox “Running as initiating user”
strComputer = GetComputerName
‘Download psexec.exe and copy it on network as we are using psexec.exe
strCommand = “cmd /c <Path for psexec.exe> \\” & strComputer & ” -i -u ” & strAdminUser & ” -p ” & strAdminPass & ” wscript.exe <complete path for your script which installs application/software.vbs> “”AsAdmin”””
objShell.Run strCommand, 0, True
End Sub
Sub Admin_User_Commands
‘Now running as Administrator on the target machine
‘MsgBox “Running as Admin”
strCommand = “notepad.exe”
objShell.Run strCommand, 0, True
End Sub
********************************************************************
0
1,298 Views
Vikas BhatExperienced IT Infrastructure Services/operations Manager
CERTIFIED EXPERT
I have 13 years of experience as an IT Operations & Services Manager. I am expert in  IT Operations & IT Infrastructure

Comments (0)

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.