Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Need users to run HTA as admin

Posted on 2011-03-04
6
Medium Priority
?
1,661 Views
Last Modified: 2012-05-11
Hi again!

I need to run HTA vbscripts as an domain administrator, so i can give tools to my coworkers and let them reset passwords etc. by the HTA. Need it plain and simple, best would be in the HTA.  
0
Comment
Question by:RowaldLaterveer
  • 3
  • 2
6 Comments
 
LVL 11

Expert Comment

by:Tasmant
ID: 35037271
The simplest way should to delegate them the right to reset passwords (and other stuff you want they do) with their user account instead to write the domain administrator within the hta.
And as soon as they have the delegation, they could run the hta with their account to do the stuff, that will work.
0
 

Author Comment

by:RowaldLaterveer
ID: 35037441
Tasmant, i have created another user who has ad rights, i want to run the HTA with priviliges within the HTA (don't know how to encode... so yes, plain text, or create an exe). I know there is a "impersonate" function but that's it..
0
 

Author Comment

by:RowaldLaterveer
ID: 35057656
Ok, the price just went up..
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 65

Expert Comment

by:RobSampson
ID: 35062046
Hi, you can encode the VBScript portion of HTA files, but that may still not function the way you need it to:
http://blogs.technet.com/b/heyscriptingguy/archive/2006/03/09/how-can-i-encode-scripts-within-an-hta.aspx

For AD operations, you can use the OpenDSObject method to provide alternate credentials during LDAP binds.

Some way or another though, you're wanting to provide your domain admin rights to someone else....it sound like a very secure idea.

Maybe what you could do is create a VBS that uses PSExec to run the HTA, and runs:

Set objShell = CreateObject("WScript.Shell")
objShell.Run "\\server\share\psexec.exe -accepteula -i -u domain\admin -p password mshta.exe \\server\share\myhta.hta", 1, False

And then, convert that VBS to an EXE with VBS2EXE:
www.f2ko.de

Regards,

Rob.
0
 

Author Comment

by:RowaldLaterveer
ID: 35067892
Rob, i have tied the above, only the exe can't run an HTA, just the vbscript part. The code i am using is the code you helpded compiling to change passwords (HTA). PSEXEC maybe is an option, but i like to code it into the script.

The encode option won't work;
C:\script\encode>screnc /f /e htm wachtwoord.hta

Scripting encoder object ("Scripting.Encoder") failed on C:\script\encode\wachtwoord.hta

Is there no impersonation script? Or maybe a bat file to create with admin rights, wich can start the HTA?
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 2000 total points
ID: 35073344
If the VBScript didn't work, then this command in a batch file:
\\server\share\psexec.exe -accepteula -i -u domain\admin -p password mshta.exe \\server\share\myhta.hta

as long as the batch is run as admin, should work too.

Regards,

Rob.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Script to copy or move mouse-selected collection of files plus targets referenced by shortcuts (.lnk) The purpose of this article is to help illuminate the real challenges and options available (where they may exist) for utilizing simple scriptin…
In this article we want to have a look at the directory attributes which are used by Microsoft to store the so called Security Identifiers (SID). These SIDs plays an important role in delegating and granting permissions and in authentication of trus…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question