• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 166
  • Last Modified:

NT Admin access from a User context

I am trying to create a VB prog which will read and write to the NT registry that the system or administrators only have access to.  The program must be launched from the basic User context security level.

If I was doing the task in a batch routine I would us the resource kit utility SU to switch from the user account to an admin just for that script/program.

Is there any alternative or API function call that I can use in VB to solve this issue ?
0
mdtt94
Asked:
mdtt94
  • 3
  • 2
  • 2
  • +1
1 Solution
 
watyCommented:
I know how to change the perimissions of files, but not how to take the context of other users.
0
 
mdtt94Author Commented:
Thanks but I need to access registry keys that the users are not permitted to use.
0
 
MirkwoodCommented:
It has do with impersination levels and stuff like that. It was hard to program in C++ so it will be even harder in VB.
BTW: Your solution needs the administrator password, am I right?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
jcstriderCommented:
What exactly are you trying to do? I've spent alot of time buried in the registry and could help with what you are trying to do. You could possibly do a service and have a regular user start that service (which runs under the admin account) and that service could access the registry. Give me some more info and I'll check into it.
0
 
mdtt94Author Commented:
It's really a simple front end program that takes some users details and distrubutes the information to various keys in the registry (to set up mulitiple applications which use user information or profiles - Like Netscape, Office etc).  The program also needs to read and write parts of the registry that normal users don't have access to (Computer Name, Logon Name and maybe more).  This information only comes through if you have admin permissions on the workstation.
0
 
jcstriderCommented:
The only way that I can think of is to write a service that runs under the admin account and have your app start it up and get the information from that. If all the keys you need are in the HKEY_LOCAL_MACHINE you can read that. Most info is kept there and all users should have access to them. I went the services route and found that is was very easy to code and get the info I needed. There is a guy who wrote an article on how to write services and I think he has something regarding the registry also. his http is http://www.flash.net/~ljjohnsn.

John Cantley
0
 
MirkwoodCommented:
It would be a security breach if what you want could be done. Therefor it cannot be done.
0
 
mdtt94Author Commented:
I have found out how to use the API calls to get the information on the computername and user rather than look them up in the registry from the secure keys.  Thanks for your help anyway.  It would indeed be a security problem if a user could access these keys.

Cheers,

Mark
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now