Solved

Need to have a program that runs under Limited User but allows launching of Command prompt, etc. w/ Admin rights

Posted on 2006-11-23
6
262 Views
Last Modified: 2010-04-23
Here's our dilemma.  We have an extremely locked down environment on remote machines (no command prompt, control panel, etc).  Rather than having to logoff/on each time, we need quick access to the command prompt.

We want a program that will a launch, prompt for a "daily passcode" (IE today's date * 5, or whatever).  Then, you click a button and it launches the command prompt.  Since the command prompt is BLOCKED by Group Policy, it needs to launch CMD.EXE w/ RUN AS but shouldn't prompt for the user.

Something like this -- > http://launch-admin.sourceforge.net/

The difference is, that we want it to be custom tailoried to our environment so we can add our "daily passcode" protection.

I'm not a programmer, but we have one here in our office that would understand VB .NET if I had the code.  We can also do in VB6 if it's easy enough -- But that may not be the way to go.


Thanks!
0
Comment
Question by:jgantes
  • 3
  • 3
6 Comments
 
LVL 16

Expert Comment

by:Hillwaaa
ID: 18001886
Hi jgantes,

if you put the following into a VB .NET project it will (when run) prompt you for the users's password then start cmd.exe.  There isn't a "/password" option for runas, so I don't think you can supply this easily.  If you still need the "daily passcode" as well as the user you could just craft a popup windows form that prompts for the passcode.  Let me know if you need a hand with this as well.

        Dim x As New System.Diagnostics.Process
        x.StartInfo.FileName = "runas.exe"
        x.StartInfo.Arguments = "/user:DomainName\AdministratorAccountName cmd.exe"
        x.Start()

Cheers,
Hillwaaa
0
 

Author Comment

by:jgantes
ID: 18004501
Hi Hilwaaa,

I'm thinking the daily passcode part should be prett straightforward.  I guess we're out of luck then on the "runas" situation.  Stinks that there isn't a way to automate the password portion --

I know there is a source forge project that provides a full-fledged app. that can launch items as another user, but it's not quite what we need.

What about user impersonation in VB?  Any ideas on that?

Thanks!
0
 

Author Comment

by:jgantes
ID: 18006210
I found a third party product (that I was originally avoiding) that will do everything I need from a CLI.

http://www.quimeras.com

I'll still need a program that opens up, prompts for a "daily passcode" and if correct, lets the person enter and click a button that launchs the my third party app w/ command line switches!
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 16

Accepted Solution

by:
Hillwaaa earned 225 total points
ID: 18006570
Hi jgantes - try this (was coded in VB .NET 2003):




Public Class Form1


    Inherits System.Windows.Forms.Form

#Region " Windows Form Designer generated code "

    Public Sub New()
        MyBase.New()
        'This call is required by the Windows Form Designer.
        InitializeComponent()

        'Add any initialization after the InitializeComponent() call

    End Sub

    'Form overrides dispose to clean up the component list.
    Protected Overloads Overrides Sub Dispose(ByVal disposing As Boolean)
        If disposing Then
            If Not (components Is Nothing) Then
                components.Dispose()
            End If
        End If
        MyBase.Dispose(disposing)
    End Sub

    'Required by the Windows Form Designer
    Private components As System.ComponentModel.IContainer

    'NOTE: The following procedure is required by the Windows Form Designer
    'It can be modified using the Windows Form Designer.  
    'Do not modify it using the code editor.
    Friend WithEvents TextBox1 As System.Windows.Forms.TextBox
    Friend WithEvents Button1 As System.Windows.Forms.Button
    Friend WithEvents Label1 As System.Windows.Forms.Label
    <System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent()
        Me.TextBox1 = New System.Windows.Forms.TextBox
        Me.Button1 = New System.Windows.Forms.Button
        Me.Label1 = New System.Windows.Forms.Label
        Me.SuspendLayout()
        '
        'TextBox1
        '
        Me.TextBox1.Location = New System.Drawing.Point(136, 40)
        Me.TextBox1.Name = "TextBox1"
        Me.TextBox1.TabIndex = 3
        Me.TextBox1.Text = ""
        '
        'Button1
        '
        Me.Button1.Location = New System.Drawing.Point(160, 136)
        Me.Button1.Name = "Button1"
        Me.Button1.TabIndex = 4
        Me.Button1.Text = "OK"
        '
        'Label1
        '
        Me.Label1.Location = New System.Drawing.Point(8, 40)
        Me.Label1.Name = "Label1"
        Me.Label1.Size = New System.Drawing.Size(112, 23)
        Me.Label1.TabIndex = 5
        Me.Label1.Text = "Enter daily postcode:"
        '
        'Form1
        '
        Me.AcceptButton = Me.Button1
        Me.AutoScaleBaseSize = New System.Drawing.Size(5, 13)
        Me.ClientSize = New System.Drawing.Size(256, 174)
        Me.Controls.Add(Me.Label1)
        Me.Controls.Add(Me.Button1)
        Me.Controls.Add(Me.TextBox1)
        Me.Name = "Form1"
        Me.Text = "Open Command Shell"
        Me.ResumeLayout(False)

    End Sub

#End Region


    Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load


    End Sub


    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        If (Me.TextBox1.Text.Equals(CStr(Now.Day * 5))) Then

            Dim x As New System.Diagnostics.Process
            x.StartInfo.FileName = "runas.exe"
            x.StartInfo.Arguments = "/user:Domain\UserAccount cmd.exe"
            x.Start()
        Else
            MessageBox.Show("Invalid Passcode")
        End If

    End Sub
End Class
0
 
LVL 16

Expert Comment

by:Hillwaaa
ID: 18006575
You'll have to update the name of the application (and any arguments) - as well as change the daily passcode function if you don't want the day*5 formula.

Cheers,
Hillwaaa
0
 

Author Comment

by:jgantes
ID: 18008826
Thanks a ton Hilwaa!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

1.0 - Introduction Converting Visual Basic 6.0 (VB6) to Visual Basic 2008+ (VB.NET). If ever there was a subject full of murkiness and bad decisions, it is this one!   The first problem seems to be that people considering this task of converting…
Microsoft Reports are based on a report definition, which is an XML file that describes data and layout for the report, with a different extension. You can create a client-side report definition language (*.rdlc) file with Visual Studio, and build g…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now