RowaldLaterveer
asked on
Need users to run HTA as admin
Hi again!
I need to run HTA vbscripts as an domain administrator, so i can give tools to my coworkers and let them reset passwords etc. by the HTA. Need it plain and simple, best would be in the HTA.
I need to run HTA vbscripts as an domain administrator, so i can give tools to my coworkers and let them reset passwords etc. by the HTA. Need it plain and simple, best would be in the HTA.
ASKER
Tasmant, i have created another user who has ad rights, i want to run the HTA with priviliges within the HTA (don't know how to encode... so yes, plain text, or create an exe). I know there is a "impersonate" function but that's it..
ASKER
Ok, the price just went up..
Hi, you can encode the VBScript portion of HTA files, but that may still not function the way you need it to:
http://blogs.technet.com/b/heyscriptingguy/archive/2006/03/09/how-can-i-encode-scripts-within-an-hta.aspx
For AD operations, you can use the OpenDSObject method to provide alternate credentials during LDAP binds.
Some way or another though, you're wanting to provide your domain admin rights to someone else....it sound like a very secure idea.
Maybe what you could do is create a VBS that uses PSExec to run the HTA, and runs:
Set objShell = CreateObject("WScript.Shel l")
objShell.Run "\\server\share\psexec.exe -accepteula -i -u domain\admin -p password mshta.exe \\server\share\myhta.hta", 1, False
And then, convert that VBS to an EXE with VBS2EXE:
www.f2ko.de
Regards,
Rob.
http://blogs.technet.com/b/heyscriptingguy/archive/2006/03/09/how-can-i-encode-scripts-within-an-hta.aspx
For AD operations, you can use the OpenDSObject method to provide alternate credentials during LDAP binds.
Some way or another though, you're wanting to provide your domain admin rights to someone else....it sound like a very secure idea.
Maybe what you could do is create a VBS that uses PSExec to run the HTA, and runs:
Set objShell = CreateObject("WScript.Shel
objShell.Run "\\server\share\psexec.exe
And then, convert that VBS to an EXE with VBS2EXE:
www.f2ko.de
Regards,
Rob.
ASKER
Rob, i have tied the above, only the exe can't run an HTA, just the vbscript part. The code i am using is the code you helpded compiling to change passwords (HTA). PSEXEC maybe is an option, but i like to code it into the script.
The encode option won't work;
C:\script\encode>screnc /f /e htm wachtwoord.hta
Scripting encoder object ("Scripting.Encoder") failed on C:\script\encode\wachtwoor d.hta
Is there no impersonation script? Or maybe a bat file to create with admin rights, wich can start the HTA?
The encode option won't work;
C:\script\encode>screnc /f /e htm wachtwoord.hta
Scripting encoder object ("Scripting.Encoder") failed on C:\script\encode\wachtwoor
Is there no impersonation script? Or maybe a bat file to create with admin rights, wich can start the HTA?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
And as soon as they have the delegation, they could run the hta with their account to do the stuff, that will work.