Solved

Need users to run HTA as admin

Posted on 2011-03-04
6
1,565 Views
Last Modified: 2012-05-11
Hi again!

I need to run HTA vbscripts as an domain administrator, so i can give tools to my coworkers and let them reset passwords etc. by the HTA. Need it plain and simple, best would be in the HTA.  
0
Comment
Question by:RowaldLaterveer
  • 3
  • 2
6 Comments
 
LVL 11

Expert Comment

by:Tasmant
ID: 35037271
The simplest way should to delegate them the right to reset passwords (and other stuff you want they do) with their user account instead to write the domain administrator within the hta.
And as soon as they have the delegation, they could run the hta with their account to do the stuff, that will work.
0
 

Author Comment

by:RowaldLaterveer
ID: 35037441
Tasmant, i have created another user who has ad rights, i want to run the HTA with priviliges within the HTA (don't know how to encode... so yes, plain text, or create an exe). I know there is a "impersonate" function but that's it..
0
 

Author Comment

by:RowaldLaterveer
ID: 35057656
Ok, the price just went up..
0
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 65

Expert Comment

by:RobSampson
ID: 35062046
Hi, you can encode the VBScript portion of HTA files, but that may still not function the way you need it to:
http://blogs.technet.com/b/heyscriptingguy/archive/2006/03/09/how-can-i-encode-scripts-within-an-hta.aspx

For AD operations, you can use the OpenDSObject method to provide alternate credentials during LDAP binds.

Some way or another though, you're wanting to provide your domain admin rights to someone else....it sound like a very secure idea.

Maybe what you could do is create a VBS that uses PSExec to run the HTA, and runs:

Set objShell = CreateObject("WScript.Shell")
objShell.Run "\\server\share\psexec.exe -accepteula -i -u domain\admin -p password mshta.exe \\server\share\myhta.hta", 1, False

And then, convert that VBS to an EXE with VBS2EXE:
www.f2ko.de

Regards,

Rob.
0
 

Author Comment

by:RowaldLaterveer
ID: 35067892
Rob, i have tied the above, only the exe can't run an HTA, just the vbscript part. The code i am using is the code you helpded compiling to change passwords (HTA). PSEXEC maybe is an option, but i like to code it into the script.

The encode option won't work;
C:\script\encode>screnc /f /e htm wachtwoord.hta

Scripting encoder object ("Scripting.Encoder") failed on C:\script\encode\wachtwoord.hta

Is there no impersonation script? Or maybe a bat file to create with admin rights, wich can start the HTA?
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 35073344
If the VBScript didn't work, then this command in a batch file:
\\server\share\psexec.exe -accepteula -i -u domain\admin -p password mshta.exe \\server\share\myhta.hta

as long as the batch is run as admin, should work too.

Regards,

Rob.
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Script to copy or move mouse-selected collection of files plus targets referenced by shortcuts (.lnk) The purpose of this article is to help illuminate the real challenges and options available (where they may exist) for utilizing simple scriptin…
Not long ago I saw a question in the VB Script forum that I thought would not take much time. You can read that question (Question ID  (http://www.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_28455246.html)28455246) Here (http…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question