Solved

Need users to run HTA as admin

Posted on 2011-03-04
6
1,550 Views
Last Modified: 2012-05-11
Hi again!

I need to run HTA vbscripts as an domain administrator, so i can give tools to my coworkers and let them reset passwords etc. by the HTA. Need it plain and simple, best would be in the HTA.  
0
Comment
Question by:RowaldLaterveer
  • 3
  • 2
6 Comments
 
LVL 11

Expert Comment

by:Tasmant
ID: 35037271
The simplest way should to delegate them the right to reset passwords (and other stuff you want they do) with their user account instead to write the domain administrator within the hta.
And as soon as they have the delegation, they could run the hta with their account to do the stuff, that will work.
0
 

Author Comment

by:RowaldLaterveer
ID: 35037441
Tasmant, i have created another user who has ad rights, i want to run the HTA with priviliges within the HTA (don't know how to encode... so yes, plain text, or create an exe). I know there is a "impersonate" function but that's it..
0
 

Author Comment

by:RowaldLaterveer
ID: 35057656
Ok, the price just went up..
0
Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

 
LVL 65

Expert Comment

by:RobSampson
ID: 35062046
Hi, you can encode the VBScript portion of HTA files, but that may still not function the way you need it to:
http://blogs.technet.com/b/heyscriptingguy/archive/2006/03/09/how-can-i-encode-scripts-within-an-hta.aspx

For AD operations, you can use the OpenDSObject method to provide alternate credentials during LDAP binds.

Some way or another though, you're wanting to provide your domain admin rights to someone else....it sound like a very secure idea.

Maybe what you could do is create a VBS that uses PSExec to run the HTA, and runs:

Set objShell = CreateObject("WScript.Shell")
objShell.Run "\\server\share\psexec.exe -accepteula -i -u domain\admin -p password mshta.exe \\server\share\myhta.hta", 1, False

And then, convert that VBS to an EXE with VBS2EXE:
www.f2ko.de

Regards,

Rob.
0
 

Author Comment

by:RowaldLaterveer
ID: 35067892
Rob, i have tied the above, only the exe can't run an HTA, just the vbscript part. The code i am using is the code you helpded compiling to change passwords (HTA). PSEXEC maybe is an option, but i like to code it into the script.

The encode option won't work;
C:\script\encode>screnc /f /e htm wachtwoord.hta

Scripting encoder object ("Scripting.Encoder") failed on C:\script\encode\wachtwoord.hta

Is there no impersonation script? Or maybe a bat file to create with admin rights, wich can start the HTA?
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 35073344
If the VBScript didn't work, then this command in a batch file:
\\server\share\psexec.exe -accepteula -i -u domain\admin -p password mshta.exe \\server\share\myhta.hta

as long as the batch is run as admin, should work too.

Regards,

Rob.
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
If not exist vbs error 4 48
Recursive folder search vbscript 7 47
problems with mysql ODBC Connector and vbscript 4 31
Batch/VBScript : Disable Windows tasks 7 34
Recently I finished a vbscript that I thought I'd share.  It uses a text file with a list of server names to loop through and get various status reports, then writes them all into an Excel file.  Originally it was put together for our Altiris server…
Script to copy or move mouse-selected collection of files plus targets referenced by shortcuts (.lnk) The purpose of this article is to help illuminate the real challenges and options available (where they may exist) for utilizing simple scriptin…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question