• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 135
  • Last Modified:

Vbscript to Install Agent.exe on all Remote Windows Machine without Admin Rights


I am new to Vbscript, can you please guide me in creating the vbscript for installing Agent.exe without any Domain admin or local Admin rights.

I have created the script somehow, it works as

1. Looks for ComputerList.csv file
2. extracs hostname from the file
3. Ping the hostname
4. Copies the exe to the remote machine
5. Performs an Silent exe Installation.

But it requires Local domain admin rights

Option Explicit

On Error Resume Next

Dim objFSO, objFile, objRecordset, objConnection
Dim strSource,strProcess,strInFileName,strComputer,strComputerList
Dim strFullPath,strPathtoTextFile,strLogFileName
Dim intProcessID
Dim arrComputerList

Dim oConnection
Dim oRecordSet

Const ForWriting = 2
Const ForReading = 1
Const adOpenStatic = 3
Const adLockOptimistic = 3
Const adCmdText = &H0001

strLogFileName = "InstallRobot - " & Replace(date,"/","-") & ".log"

strFullPath = WScript.ScriptFullName

strPathtoTextFile = left(strFullPath,instrrev(strFullPath,"\" ) -1)
'strPathtoTextFile = "C:\Nimbus\"
strInFileName = strPathtoTextFile & "\" & "ComputerList.csv"
wscript.echo strInFileName

' Create and open the log file

Set objFSO = CreateObject("Scripting.FileSystemObject")

Set objFile = objFSO.OpenTextFile(strLogFileName, ForWriting, True)

' If there is a problem opening the Log file warn and quit

If Err.Number <> 0 Then

          wscript.echo strLogFileName & " could Not be opened due To Error " & _
              Err.description & "."

End If

' open the source file and read into a recordset

'Set objConnection = CreateObject("ADODB.Connection")
'Set objRecordSet = CreateObject("ADODB.Recordset")

'objConnection.Open "Provider=Microsoft.Jet.OLEDB.4.0;" & "Data Source=" & strPathtoTextFile & ";" & "Extended Properties=""text;HDR=yes;FMT=Delimited"""

'objRecordset.Open "SELECT * FROM " & strInFileName, objConnection

'On Error Resume Next

'Do Until objRecordset.EOF

Set oConnection = createobject("adodb.connection")
Set oRecordSet = createobject("adodb.recordset")
oConnection.open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source= " & strPathtoTextFile & ";Extended Properties=""text;HDR=yes;FMT=Delimited"""
oRecordSet.open "SELECT * FROM " & strInFileName ,oConnection,adOpenStatic, adLockOptimistic, adCmdText

 If Err.Number <> 0 Then

          wscript.echo strLogFileName & " Error: " & _
              Err.description & "."

End If
Do Until oRecordSet.EOF
      ' get the field values from the file
      strComputer = oRecordSet.Fields.Item(0).value
      wscript.echo strComputer
      strSource = oRecordSet.Fields.Item(1).value
      wscript.echo strSource
      strProcess = oRecordSet.Fields.Item(2).value
      'wscript.echo strProcess
      '      Copy the installation files from the source computer
      CopyFolder strSource,strComputer
      '      Start the Install, check that the install has been successful
      InstallRobot StrSource, strProcess, strComputer, intProcessID      
      '      Delete the folder one the install has been done
      DeleteFolder strSource,strComputer
      '      Write a string of dashes to seperate
      objFile.write vbCrlf & string(20,"-") & vbCrlf


'Clean up

Set objConnection = Nothing

Set oRecordSet = Nothing

Set objFSO = Nothing

Set objFile = Nothing
Sub CopyFolder(strSource,strComputer)

      'use shell object to copy a folder to a remote computer
      Dim strDest
      Dim objShell, objFolder
      If instr(strComputer,"\\") then
            strDest = strComputer & "\c$"
            strDest = "\\" & strComputer & "\c$"
      End If
      wscript.echo "Destination ", strDest, ", Source ", strSource

      Set objShell = CreateObject("Shell.Application")
      Set objFolder = objShell.NameSpace(strDest)

      objFolder.CopyHere strSource, FOF_CREATEPROGRESSDLG
      WScript.Echo "check that copy is successful and count the number of files in the directory"
      wscript.echo "Error:" & Err.number
      If Err.number = 0 Then      
            wscript.echo "Folder " & strSource & " successfuly copied to " & strComputer & vbCrlf
            objFile.Write "Folder " & strSource & " successfuly copied to " & strComputer & vbCrlf
            wscript.echo "Folder " & strSource & " Not copied to " & strComputer & vbCrlf &  " due To Error " & Error & "." & vbCrlf
          objFile.Write "Folder " & strSource & " Not copied to " & strComputer & vbCrlf &  _
                " due To Error " & Error & "." & vbCrlf
      End If
      'Clean up
      Set objShell = Nothing

      Set objFolder = Nothing
end sub
Sub DeleteFolder(strFolderName,strComputer)

      WScript.Echo "use WMI to delete a folder on a remote computer"

      Dim objWMIService, colFolders,objFolders
      Dim errResults, strDrive
      strFolderName =  "C:\\" & mid(strFolderName,instrRev(strFolderName,"\") + 1)
'      wscript.echo "Deleting Folder ", strFolderName
      Set objWMIService = GetObject("winmgmts:" _
          & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

      Set colFolders = objWMIService.ExecQuery _
          ("Select * from Win32_Directory where Name = '" & strFolderName & "'")

      For Each objFolder in colFolders

          errResults = objFolder.Delete

      If err.number = 0 Then

          objFile.Write "Folder " & strFolder & " successfuly deleted from " & strComputer & vbCrlf


          objFile.Write "Folder " & strFolder & " Not deleted from " & strComputer & vbCrlf &  _
                " due To " & Err.description & "." & vbCrlf
      End If

      'Clean up
      Set objWMIService = Nothing
      Set colFolders = Nothing

end Sub
Sub InstallRobot(StrSource, strProcess, strComputer, intProcessID)
      ' execute a file on a remote machine

      Dim objWMIService      
      wscript.echo "INSTALLROBOT"
      WScript.Echo strSource
      strProcess =  "C:\" & mid(strSource,instrRev(strSource,"\") + 1) & "\" & strProcess

      WScript.Echo strProcess
      Set objWMIService = GetObject _
          ("winmgmts:\\" & strComputer & "\root\cimv2:Win32_Process")
      WScript.Echo"Start the process on the remote machine"
      Error = objWMIService.Create(strProcess, null, null, intProcessID)

      WScript.Echo "ERROR "  & Error
      If Err.number = 0 Then

          objFile.Write "Installation of " & chr(34) & strProcess & chr(34) & vbCrlf & " was started with a process ID of " _
               & intProcessID & "." & vbCrlf


            objFile.Write "Installation of " & chr(34) & strProcess & chr(34) & vbCrlf & _
                      "could Not be started on " & strComputer &  " due To Error " & _
                    Err.description & "." & vbCrlf
              Exit Sub
      End If
      WScript.Echo "loop while checking if Nimbus Robot is still running"
      wscript.Sleep 1000
      Do While NimbusInstallRunning(strComputer,intProcessID)      
            intLoopCount = intLoopCount + 1
            If intLoopCount > 5 Then
            ' Installation has taken too long, abort
                  objFile.Write "Nimbus robot installation on " & strComputer & " may have hung - Aborting " & vbCrlf
                  Exit Sub
            End If             
            If intLoopCount > 3 Then
            ' installation has taken more than three minutes,
            ' it may be a slow machine so increase the wait time
                  wscript.Sleep 50000
                  wscript.Sleep 10000
            End If             
      'Clean up
      Set objWMIService = Nothing
End Sub
Function NimbusInstallRunning(strComputer,intProcessID)

      ' change this to using the PID at some stage to make it independant of
      ' Process Name

      NimbusInstallRunning = False

      Dim objWMIService, colProcesses
      Dim strProcessID
      strProcessID = cstr(intProcessID)
      Set objWMIService = GetObject("winmgmts:" _
          & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
      Set colProcesses = objWMIService.ExecQuery _
          ("Select * from Win32_Process Where Processid = '" & strProcessID & "'")
      If colProcesses.Count = 0 Then
              NimbusInstallRunning = False
                NimbusInstallRunning = True
      End If
      Set objWMIService = Nothing
      Set colProcesses = Nothing

End Function

but seems it requires Domain Admin Rights.
1 Solution
Only a member of the local administrators or power users group can install software. That is the Windows security model. The operating system (SYSTEM) can also install software. To allow anyone else to install software without rights is to go to the security model of Windows 95, which is that anyone can do everything.

If you can access to group policy, software can be deployed via startup script, ssince startup scripts are executed with operating system privileges.
Anuj75Author Commented:
Thanks for your response.

I got your point here, so I tried to make the changes in passing User Name and password in the script through which I which I can install the exe on remote machine. But no success.

I appreciate if you can help me with the same

Anuj, you did not quite get the point. You won't need to pass credentials if you used the startup script.
WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

Rich RumbleSecurity SamuraiCommented:
You can have it run from a logon script as kevinhsieh and McKnife indicated, it will run with the same rights as the user has, which they are likely admin users. You can modify the vbscript to use an alternate credential: http://blogs.technet.com/b/heyscriptingguy/archive/2004/12/13/how-can-i-run-a-script-under-alternate-credentials.aspx
Or you can push out your program using a GPO, first you have to get your exe into a MSI file:
http://support.microsoft.com/kb/816102 http://www.symantec.com/connect/downloads/exe-msi

"Install" can be a relative term however. If you need the exe on a machine where the user can get to it, copy it to the "all users" path on the computers. If it has to install a service or scheduled task, then you will need to be admin or push it out via the other methods above that get you higher rights.
No Rich, a logon script with different credentials will bring up a UAC prompt and needs interactive consent - and as we all know, not all users always click "ok". That's why we voted for the startup script.
Please respond or finalize it, this question is growing old :)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now