?
Solved

Shell runas inside a VB-application

Posted on 2003-03-14
4
Medium Priority
?
4,101 Views
Last Modified: 2012-06-27
I would like to execute another program with a shellcommand inside a VB-application.

Take Notepad as an example.

If only Admin is allowed to execute Notepad and you want to execute it you have to do it by running runas.

I would like to make a little program, lets call it "RunNotepad"

This would work if I was Admin
Private Sub Form_Load()
   Shell "Notepad"
End Sub
 
But It would crach if I don't have the privelegies.

I could use the advapi32.dll and "ImpersonateLoggedOnUser" and so on, but the user must have the priveleges as "Act as part of operating system" and I don't want that.

I could use this...
Private Sub Form_Load()
   Shell "cmd /c runas /noprofile /user:domain\Admin notepad"
End Sub
...but If I do the Commandwindow pops up and asks me to enter the password for admin.

Is it possible to let the VB application take care of the passwordtyping and don't interact with the user that executes the application?


Thanks a lot!
Andreas Olausson - Sweden
0
Comment
Question by:AndreasOlausson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 5

Expert Comment

by:Cimperiali
ID: 8136420
No, as far as I know.
One thing you could do is build a service that has enough priviledges (that meaning administrator installed it) that can launch app for you as if you were admin. But admin shoudl grant you priviledge to use it....
0
 

Author Comment

by:AndreasOlausson
ID: 8136607
Thanks for the comment Cimperiali!

The thing is, the application that must have Adminpriviledges should be executed by the network-logon-script (a .bat-file).
This application will copy a dllfile and register it if it not exists on the users local machine and write some keys to the registry.
I don't what to let the user be allowed to register dll's or edit the registry.

So If I build a Service and put it on a networkshare that all users has access to and grant them rights to execute it should that solve the problem.

I would like to avoid running around and make this machine by machine, it's a couple of them...

If a build the service, should I use srvany.exe? (Q137890 knowledgebase)

Thanks again
0
 
LVL 1

Accepted Solution

by:
GERTJAN earned 765 total points
ID: 8146346
Andreas,
It possible to let the VB application take care of the passwordtyping and don't interact with the user that executes the application.

You can use the CreateProcessWithLogonW API.
The CreateProcessWithLogonW function creates a new process and its primary thread. The new process then runs the specified executable file in the security context of the specified credentials (user, domain, and password). It can optionally load the user profile of the specified user.
The CreateProcessWithLogonW function is similar to the CreateProcessAsUser function, except that the caller does not need to call the LogonUser function to authenticate the user and get a token.

Here is the code:

Private Const LOGON_WITH_PROFILE = &H1&
Private Const LOGON_NETCREDENTIALS_ONLY = &H2&
Private Const CREATE_DEFAULT_ERROR_MODE = &H4000000
Private Const CREATE_NEW_CONSOLE = &H10&
Private Const CREATE_NEW_PROCESS_GROUP = &H200&
Private Const CREATE_SEPARATE_WOW_VDM = &H800&
Private Const CREATE_SUSPENDED = &H4&
Private Const CREATE_UNICODE_ENVIRONMENT = &H400&
Private Const ABOVE_NORMAL_PRIORITY_CLASS = &H8000&
Private Const BELOW_NORMAL_PRIORITY_CLASS = &H4000&
Private Const HIGH_PRIORITY_CLASS = &H80&
Private Const IDLE_PRIORITY_CLASS = &H40&
Private Const NORMAL_PRIORITY_CLASS = &H20&
Private Const REALTIME_PRIORITY_CLASS = &H100&
Private Type PROCESS_INFORMATION
    hProcess As Long
    hThread As Long
    dwProcessId As Long
    dwThreadId As Long
End Type
Private Type STARTUPINFO
    cb As Long
    lpReserved As Long
    lpDesktop As Long
    lpTitle As Long
    dwX As Long
    dwY As Long
    dwXSize As Long
    dwYSize As Long
    dwXCountChars As Long
    dwYCountChars As Long
    dwFillAttribute As Long
    dwFlags As Long
    wShowWindow As Integer
    cbReserved2 As Integer
    lpReserved2 As Byte
    hStdInput As Long
    hStdOutput As Long
    hStdError As Long
End Type
Private Declare Function CreateProcessWithLogon Lib "Advapi32" Alias "CreateProcessWithLogonW" (ByVal lpUsername As Long, ByVal lpDomain As Long, ByVal lpPassword As Long, ByVal dwLogonFlags As Long, ByVal lpApplicationName As Long, ByVal lpCommandLine As Long, ByVal dwCreationFlags As Long, ByVal lpEnvironment As Long, ByVal lpCurrentDirectory As Long, lpStartupInfo As STARTUPINFO, lpProcessInfo As PROCESS_INFORMATION) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long

Private Sub Form_Load()
    Dim lpUsername As String, lpDomain As String, lpPassword As String, lpApplicationName As String
    Dim lpCommandLine As String, lpCurrentDirectory As String
    Dim StartInfo As STARTUPINFO, ProcessInfo As PROCESS_INFORMATION
    lpUsername = "Admin User"
    lpDomain = ""
    lpPassword = "Admins user_password"
    lpApplicationName = "C:\WINNT\NOTEPAD.EXE"
    lpCommandLine = vbNullString 'use the same as lpApplicationName
    lpCurrentDirectory = vbNullString 'use standard directory
    StartInfo.cb = LenB(StartInfo) 'initialize structure
    StartInfo.dwFlags = 0&
    CreateProcessWithLogon StrPtr(lpUsername), StrPtr(lpDomain), StrPtr(lpPassword), LOGON_WITH_PROFILE, StrPtr(lpApplicationName), StrPtr(lpCommandLine), CREATE_DEFAULT_ERROR_MODE Or CREATE_NEW_CONSOLE Or CREATE_NEW_PROCESS_GROUP, ByVal 0&, StrPtr(lpCurrentDirectory), StartInfo, ProcessInfo
    CloseHandle ProcessInfo.hThread 'close the handle to the main thread, since we don't use it
    CloseHandle ProcessInfo.hProcess 'close the handle to the process, since we don't use it
    'note that closing the handles of the main thread and the process do not terminate the process
    'unload this application
    Unload Me
End Sub
0
 

Author Comment

by:AndreasOlausson
ID: 8158868
Thanks I'll guess that will solve the problem for me!

Regards
Andreas
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction While answering a recent question (http://www.experts-exchange.com/Q_27402310.html) in the VB classic zone, I wrote some VB code in the (Office) VBA environment, rather than fire up my older PC.  I didn't post completely correct code o…
Since upgrading to Office 2013 or higher installing the Smart Indenter addin will fail. This article will explain how to install it so it will work regardless of the Office version installed.
Get people started with the process of using Access VBA to control Excel using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Excel. Using automation, an Access application can laun…
Show developers how to use a criteria form to limit the data that appears on an Access report. It is a common requirement that users can specify the criteria for a report at runtime. The easiest way to accomplish this is using a criteria form that a…
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question