How do I use a VBScript with admin rights

I have a VBscript that works with all PC's.  We are now locking down our PC's and taking away Local Admin rights.  Now I am getting an error you do not have admin rights to execute this VBScript.

Here is the VBscript:
Dim WshShell, objShell, Shell
Dim objEnv
Dim strlogonserver, strFilePath1, strFilePath2, strFilePath3, strVerKey, strVersion
Dim objFSO, objScreensaver, objBackgroundlogo, objFolder
Dim ExistingSCSize, ExistingBGSize, FolderExisted

' Get the WshShell object.
Set WshShell = CreateObject("WScript.Shell")
Set objShell = WScript.CreateObject("WScript.Shell")
Set Shell = CreateObject("WScript.Shell")

' Get collection by using the Environment property.
Set objEnv = WshShell.Environment("Process")

strlogonserver = objShell.ExpandEnvironmentStrings("%logonserver%")
strFilePath1 = strlogonserver & "\NetLogon\Westbackgroundlogo.jpg"
strFilePath2 = strlogonserver & "\NetLogon\Westscreensaver.scr"
strFilePath3 = strlogonserver & "\NetLogon\Vista\Westscreensaver.scr"
strVerKey = "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\"
strVersion = Shell.regread(strVerKey & "CurrentVersion")

' These constansts contain the size of each of the files that need to be copied
Const intScreensaverSize_XP2K=313083
Const intScreensaverSize_Vista=1370624
Const intBackgroundlogoSize=72720
Const OverwriteExisting=TRUE

Set objFSO = CreateObject("Scripting.FileSystemObject")

' Get File sizes of the existing screensaver and logo
If objFSO.FileExists("C:\West\Westscreensaver.scr") Then
      Set objScreensaver = objFSO.getFile("C:\West\Westscreensaver.scr")
End If  

If objFSO.FileExists("C:\West\Westbackgroundlogo.jpg") Then
      Set objBackgroundlogo = objFSO.getFile("C:\West\Westbackgroundlogo.jpg")
End If

' Check if folder c:\west exists, if not, create it
If Not objFSO.FolderExists("C:\West") Then
      Set objFolder = objFSO.CreateFolder("C:\West")
End If

' Check logo
' If the folder did not exist or if the filesize does not match, copy the logo to the computer again
If ( (Not FolderExisted) Or (Not (ExistingBGSize =intBackgroundlogoSize)) ) Then
      objFSO.CopyFile strFilePath1 , "C:\West\", OverwriteExisting
End If

' Check the screensaver
' If the folder did not exist or if the filesize does not match, copy the screensaver to the computer again
If strVersion => "6.0" Then

      If ((Not FolderExisted) Or (Not (ExistingSCSize= intScreensaverSize_Vista)) ) Then
            objFSO.CopyFile strFilePath3 , "C:\West\", OverwriteExisting
      End If


      If ((Not FolderExisted) Or (Not (ExistingSCSize= intScreensaverSize_XP2K)) ) Then
            objFSO.CopyFile strFilePath2 , "C:\West\", OverwriteExisting
      End If

End If
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.


There are a number of was to achive this the simplest one being to run the script with administrative privalages. i.e. runas /profile /user:domain\admin "cscript.exe C:\MyVBScript.vbs"
Where "domain\admin" is the the domain and account name of an administrator and "C:\MyVBScript.vbs" is the path to your script.

Another option would be to grant the users the correct permissions on the objects that are used in the script. i.e.
read permissions on the reg key "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\"
read/write permissons on the directory "C:\West\"

A third option would be to apply the script as a computer start up script in group policy so that it runs with system privileges rather than under a user account.

Hope one of these helps!


There are also run-as programs available to be able to run a batch file as a different user.

LSRunasE is one such program that's pretty easy to set up.  It pipes in the runas command an encrypted password and runs the script as any user/password chosen after setting up the encryption first.

smkgrbmkAuthor Commented:
This script is being used with a GPO for Active Directory.  So I will try your suggestion of the third option and execute this VBScript in the Computer startup script of the policy.  The only problem I could see here is that file are being copied from other shared drive that may not be available until the user logs in.  If so the script would fail.

Startup scripts run with System privileges on the local computer but with the privileges of the computer object elsewhere in the domain. So if the script does fail for that reason then give 'domain computers' read access to the share. Also if the share is mapped to a drive letter then it would be best to use a UNC path rather than the mapped drive. i.e use: "\\server\share\folder" rather than "X:\folder"


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.