Running a program / patch with admin rights via login script

This code normally works but when I run it, it starts to install but then it says you do not have administrative rights to install this, please contact your administrator.  Anyway we can admin rights temporarly for me to run this on login script?
If (IsMember(objUser, "DST Patch") = True) Then
intReturnCode = objShell.Run("\\beaches\NETLOGON\kb933360.exe /quite /norestart",  0, False)
End If

Open in new window

dbrs_helpdeskAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

cupCommented:
Is it possible for you to use runas?  You can make a shortcut with runas with the correct password.
0
dbrs_helpdeskAuthor Commented:
I can use runas but you will have to elabirate on this please.
0
cupCommented:
Two ways of doing this.  Say your script is called tpircs.vbs

1) From the command line

runas /user:administrator cscript.exe tpircs.vbs

You will get a prompt for the password.

2) From an Explorer window, right click on tpircs.vbs, select Create Shortcut
Right click on the shortcut, select Properties
In the properties dialog, click on the ShortCut tab then select Advanced.
In the Advanced Props dlg, select run with different credentials.

When you execute the shortcut, it will ask you which user you wish to run as and the password.


0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

dbrs_helpdeskAuthor Commented:
This is what I have come up with.
If (IsMember(objUser, "DST Patch") = True) Then
intReturnCode = objShell.Run("RunAsSet('Administrator', @Computername, 'password1234')") \\beaches\NETLOGON\kb933360.exe /quite /norestart",  0, False)
End If

Open in new window

0
dbrs_helpdeskAuthor Commented:
Thanks for your input, but I can not have a prompt for the user name or password.  I need the program to runas the administrator when they log in.
0
RobSampsonCommented:
Hi, see this, it uses PSExec.
http://www.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_22853238.html

You can probably do away with the whole Normal_User_Commands if installing the patch is all you're doing.

Regards,

Rob.
0
dbrs_helpdeskAuthor Commented:
Thanks for all your help guys.  I was able to fine a script to run as.  It is posted below.  This should help with anything in the future.
'  Use this script in combination with a 'normal' batchfile,
'  first 'encode' this script then copy the content into the batchfile's 'Alternate Data Streams' (on NTFS only).
 
'note,
' use the credentials of a specialy created domain useraccount, add this
' account to the local administrators group by using 'Restricted Groups'  
 
'example and explaining given:
'http://www.petri.co.il/forums/showth...t=14375&page=2
 
'----------------------------------------------------------------------------------------
' Two options for opening a file:
' Fill in for 'setupFile': "path\application" (between quotes) to runas,
' or else, fill in: Null without quotes instead-> for opening a filebrower and then runas.
' (tip: if setupFile = Null then you could also Drag'nDrop a file to open on top of this file)
 
 
   setupFile = "setup file  *****  Put location HERE!!!!!!!!"   ' <--- Or: Null (w/out quotes)
 
'//-=c=-=o=-=n=-=f=-=e=-=n=-=t=-=i=-=a=-=l=-\\
   sUsername = administrator
   sPassword = password
'\\-=c=-=o=-=n=-=f=-=e=-=n=-=t=-=i=-=a=-=l=-//
 
If IsNull(sPassword) Or sPassword = "" then
   If IsNull(sUsername) Or sUsername = "" then wscript.exit
   sPassword = Trim(InputBox(vbcr&vbcr&vbcrl&vbcr&vbcrl&vbcr&vbcrl&vbcr&vbcrl& _
      "(empty the box) Enter Password only:", "Password needed (be careful, "& _
      "typed in visible characters!)", "("&sUsername&")", l, t))
End If
 
'----------------------------------------------------------------------------------------
 
If IsNull(setupFile) Or setupFile = "" then
   If Wscript.Arguments.Count <> 0 Then
      setupFile = Wscript.Arguments.Item(0)
   Else
      Set objDialog = CreateObject("UserAccounts.CommonDialog")
      '=> http://blogs.msdn.com/gstemp/archive.../17/74868.aspx
      objDialog.Filter = "Setup Files|*.com; *.exe; *.msi|Script Files|*.bat; *.cmd; *.vbs; *.vbe"
      objDialog.Flags = &H0200 '<-- multi-select File Open dialog box
      objDialog.FilterIndex = 1
      objDialog.InitialDir = "."
      intResult = objDialog.ShowOpen
        If intResult = 0 Then
           Wscript.Quit
        Else
           setupFile = objDialog.FileName
        End If
    End If
End If
 
strFileExtension = Right(setupFile,len(setupFile)-InStrRev(setupFile,"."))
      If LCase(strFileExtension) = "vbe" _
      Or LCase(strFileExtension) = "vbs" _
       Then setupFile = "wscript.exe //I \"&chr(34)& setupFile &"\"&chr(34)
      If LCase(strFileExtension) = "msi" _
       Then setupFile = "msiexec /i \"&chr(34)& setupFile &"\"&chr(34)
      '=> http://msdn2.microsoft.com/en-us/library/aa367988.aspx
 
set objShell = CreateObject("Wscript.Shell")
objShell.run("runas.exe /noprofile /u:" & sUsername & _
             " "& chr(34) & setupFile & chr(34))
 
WScript.Sleep 333   '<----(miliseconds, needed to fully open the Runas: "enter password" window
objShell.AppActivate "runas.exe"
objShell.AppActivate "runas.exe"
objShell.AppActivate "runas.exe"
If objShell.AppActivate("runas.exe") then _
objShell.Sendkeys sPassword&"~"  '<--- auto fill-in the password, and continue
 
set objShell = Nothing
Wscript.Quit
 
 
' example for the batch-file to call the above VBscript within the file its own ADS;
' @start wscript %0:streamname "%1"

Open in new window

0
RobSampsonCommented:
Hi, that uses the SendKeys method, which can be unreliable if another application happens to steal the focus from the command prompt, as the password will not get to it, and may even be written to the active window, such as Notepad.

With PSExec, you pass it straight to the command line. Also, with your method, you may have the password in the file, in plain text.  If you use the login script Parameters, the password is passed from the GPO.

Regards,

Rob.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VB Script

From novice to tech pro — start learning today.