Solved

Using RunAs in a Login Script...

Posted on 2004-03-26
16
20,011 Views
Last Modified: 2013-12-04
Hello...

I need to install a program on Windows XP/2000/2003 machines via a login script.  The problem is that it will only run with admin credentials which I do not want to give to users (nor can I per company policy).  There are some 950 machines spread over a huge campus so local installs would be a major pain.

How can I write a login script that will:

A.  Check the OS version (so that it does not run on 95/98 machines)

B.  Use the RunAs command to run the install as an admin.

Thanks,
Clarence
0
Comment
Question by:dspent
16 Comments
 
LVL 67

Expert Comment

by:sirbounty
ID: 10691922
Hi dspent,
A) with a script you could set it to do the following

==================
@echo off
Goto %OS%

REM And then just create labels for the operating systems you want this to run against, i.e

:Windows_NT
 ::Run script
=================

But, RunAs will prompt for a password...

Do you have SMS installed in your environment? http://www.microsoft.com/windows2000/techinfo/planning/management/smsintell.asp
or via a policy:

http://support.microsoft.com/?kbid=302430


~sirbounty
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10692172
I agree with SIRBOUNTY that you should use a Software Management System, but you could use RunAs Professional in a batchjob without compromizing security
http://www.mast-computer.de/


---------------------------------
@echo off
ver > C:\TEMP\WINVER.INF
:START
cls

FIND "Windows XP" < C:\TEMP\WINVER.INF > nul
if not errorlevel=1 GOTO :RUNAS
FIND "Windows 2000" < C:\TEMP\WINVER.INF > nul
if not errorlevel=1 GOTO :RUNAS

Echo This is w9x
GOTO END

:RUNAS
Echo This is W2k or XP

Echo Use RunAs Professional here ....


:END
---------------------------------------------

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 
LVL 1

Author Comment

by:dspent
ID: 10694824
the problem with programs like RunAs and TQCRunAs is they cost money.  Money that the IS department doesn't have or is not going to spend.  So its up to me and the other admins to figure out how to do this without those tools.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 1

Author Comment

by:dspent
ID: 10694830
and we do have a copy of SMS but it is not licensed for full deployment.  We use Landesk 8.01.  The problem here though is that the install that we need to do is the Landesk client agents....so you see my dilemma.
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10695995
Do you have a compiler for some source-code ? Then compile an exe-file with the password hidden in it. That's what I'm using, but I guess there's a lot of other compilers out there.

It could be done with www.winbatch.com, but the evaluating version does'nt have the compiler, it costs.

BTW: I'm dealing with the same issue on http://www.experts-exchange.com/Security/Win_Security/Q_20576959.html
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10696084
I don't know this compiler, but it's free

Compile C and C++ programs for either DOS or Windows for free
http://yippee.i4free.co.nz/html/win/developer/title3191.htm

0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10699806
This one also have the administrators password in readable text, but it can be saved by you on a serverfolder, where only domain admins can read, and ...

Install Software on a Remote Computer
http://www.microsoft.com/technet/community/scriptcenter/compmgmt/scrcm28.mspx
0
 
LVL 1

Author Comment

by:dspent
ID: 10701026
sorry but I don't understand any of that stuff.....could you explain it more......i.e. give me the Compiling C and C++....Writing Scripts for C and C++ 101 for dummies lesson.

Tnanks
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10704460
Sorry - as told "I don't know this compiler, but it's free"

The issue is, that there are a lot of compilers out there. I use www.winbatch.com, but the evaluating version does'nt have the compiler, it costs.

Maybe try to find a free compiler yourself, or by one

I recommend WinBatch, it's very powerfull, and have a lot of example programs

If so, I could easily write the winbatch-sourcecode for you.
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10704461
Maybe try to find a free compiler yourself, or by one
Maybe try to find a free compiler yourself, or buy one
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10723087
Here's a free compiler
http://www.hiddensoft.com/autoit3/downloads.php

***quote***
It is possible to take your .au3 script and compile it into a standalone executable; this executable can be used without the need for AutoIt to be installed and without the need to have AutoIt3.exe on the machine.  In addition, the compiled script is compressed and encrypted and there is the option to bind additional files (also compressed/encrypted) to the exe using the FileInstall function.  Also, any #include files will also be compiled into the script so they are not required at run-time.
***end of quote***
0
 
LVL 12

Accepted Solution

by:
trywaredk earned 500 total points
ID: 10723389
This one works in autoit3, and can be compiled to an exe-file.

Create InstallXxxxAsAdmin.au3

--------------------------------------------------------------------------------------------------
Dim $UserName, $DomainName, $Password, $RunProgram, $RunPath

$UserName = "Administrator"
$DomainName = "YourDomainName"
$Password = "zzzzzzzzzzzzzzzzzzzzzz"

$RunProgram = "Setup.exe"
$RunPath = "C:\Winnt"


RunAsSet ( $UserName, $DomainName, $Password )

$val = RunWait($RunProgram, $RunPath, @SW_MAXIMIZE)

--------------------------------------------------------------------------------------------------


Compile it, and you will have an binary InstallXxxxAsAdmin.exe
0
 
LVL 1

Author Comment

by:dspent
ID: 10727977
thanks trywaredk......you are truly someone who doesn't give up.  I made the script and compiled it and it runs perfectly.
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10734370
:o) Glad I could help you - thank you for the points

You could modify the last line
$val = RunWait($RunProgram, $RunPath, @SW_MAXIMIZE)


  @SW_HIDE = Hidden window
  @SW_MINIMIZE = Minimized window
  @SW_MAXIMIZE = Maximized
0
 

Expert Comment

by:netguru6
ID: 12824958
Another tip to add value to this script:

If you set $domainName to "."   (without the quotes), then you could use local accounts from the local workstation or member server local SAM. Great for those without an NT or AD domain.

If you neet to execute commandline commands like DIR then change the command to "CMD.EXE /C  <command>"

Example:
CMD /C DIR
This will execute a DIR then close the DOS window

CMD /K DIR
This will execute a DIR then keep the DOS windows open at the command prompt

Enjoy,

Netguru6
0
 

Expert Comment

by:mdubon3
ID: 14980898
there is a tool called CPAU.exe that u can use
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question