Learn to build secure applications from the mindset of the hacker and avoid being exploited.
how to run add logon VBS script as administrator
Question: I need when domain users log on, VBS logon script will be run include this command: route add /p 201.2.3.4 mask 255.255.255.255 10.10.10.10. This command need administrator or elevated user mode. How to do it from VBS script? Could you give me a sample?
Environment:
Server level Windows Server 2008 R2
Desktops: Windows 7
I know this question had been asked many many times, but my situation is a little bit special. I don't want users type in administrator account name and password. I don't want my administrator account name and password recorded in VBS script and be found by any personal who can access server and edit the VBS file.
Thank you.
Environment:
Server level Windows Server 2008 R2
Desktops: Windows 7
I know this question had been asked many many times, but my situation is a little bit special. I don't want users type in administrator account name and password. I don't want my administrator account name and password recorded in VBS script and be found by any personal who can access server and edit the VBS file.
Thank you.
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
Why not configure this as a scope option on the DHCP server?
Add route directive .
The other option is to add the route of the upper router/firewall,.
Seems like this is a route through VIP that routes to the destination via a VPN.
Add route directive .
The other option is to add the route of the upper router/firewall,.
Seems like this is a route through VIP that routes to the destination via a VPN.
Thank you for your suggestions.
Sorry for did not reply or make the solution choice. These days I have been pushed to focus on other projects, didn't have time to try the options. I will go back to the line as soon as possible.
Sorry for did not reply or make the solution choice. These days I have been pushed to focus on other projects, didn't have time to try the options. I will go back to the line as soon as possible.
I made a VBS file and added these commands
Set objShell = WScript.CreateObject("WScr
wscript.sleep 100
Set objExecObject = objShell.Exec("%comspec% /c route add 123.123.0.0 mask 255.255.0.0 10.10.1.1 ")
Then add this VBS file into startup script folder.
Linked GPO to the OU in which the test computer locate and enforced.
After reboot test computer and login, I checked result via route print command. The route wasn't added.
Try GPResult /r, find the GPO didn't applied. Any advice to help me go through the trouble?
Set objShell = WScript.CreateObject("WScr
wscript.sleep 100
Set objExecObject = objShell.Exec("%comspec% /c route add 123.123.0.0 mask 255.255.0.0 10.10.1.1 ")
Then add this VBS file into startup script folder.
Linked GPO to the OU in which the test computer locate and enforced.
After reboot test computer and login, I checked result via route print command. The route wasn't added.
Try GPResult /r, find the GPO didn't applied. Any advice to help me go through the trouble?
The GPO applied, I didn't run as administrator, but the route still not be added. thanks for any advice.
Set objShell = WScript.CreateObject("WScript.Shell")
wscript.sleep 100
Set objExecObject = objShell.Exec("%comspec% /c 'route add 123.123.0.0 mask 255.255.0.0 10.10.1.1' ")
run the vbscript first to make sure what happens.
note the 10.10.1.1 has to be on the system for it to add the route
In the Startup Properties, enter following:
Script name: cscript.exe
Script parameters: yourfilename.vbs
Script name: cscript.exe
Script parameters: yourfilename.vbs
Hi Arnold,
I can't run the VBS because it need administrator permission, that's why I need to run Computer Configuration/startup script.
Hi NVIT,
The script file is added, just as the picture shows.
I can't run the VBS because it need administrator permission, that's why I need to run Computer Configuration/startup script.
Hi NVIT,
The script file is added, just as the picture shows.
see nvits suggestion to include/cscript or use a batch script .bat
@echo off
route.exe add 123.123.0.0 MASK 255.255.0.0 10.10.1.1
The issue as noted the gateway, 10.10.1.1 must be an IP on the system not a destination IP.
test the script to make sure it runs when elevated mode.
Computer configuration runts with system rights, and should set the parameters if correct.
or use the following powershell cmdlet:
https://technet.microsoft.com/en-us/library/hh826148(v=wps.630).aspx
@echo off
route.exe add 123.123.0.0 MASK 255.255.0.0 10.10.1.1
The issue as noted the gateway, 10.10.1.1 must be an IP on the system not a destination IP.
test the script to make sure it runs when elevated mode.
Computer configuration runts with system rights, and should set the parameters if correct.
or use the following powershell cmdlet:
https://technet.microsoft.com/en-us/library/hh826148(v=wps.630).aspx
Yes, run the VBS under administrator privileges, the route added. I could turn around and try Powershell, but still can't understand from computer startup script, why this VBS file doesn't work.
Have not tried, but NVIT's earlier point deals with whether running .vbs file would run,unless specified differently.
Looking in the event log on the test machine during bootup, to see what happened when the startup script ran.
Adding the -p option to make the route permanent.
Depending on the relationship of the gateway to the computer, a better approach would be to add this rule on the rputer where these workstations vonnection in the absence of pushing this route via DHCP server scope options route rule.
Another possible way is to run in a GPO with loopback processing, while the bat file route add or powershell cmdlet new-roure.
Looking in the event log on the test machine during bootup, to see what happened when the startup script ran.
Adding the -p option to make the route permanent.
Depending on the relationship of the gateway to the computer, a better approach would be to add this rule on the rputer where these workstations vonnection in the absence of pushing this route via DHCP server scope options route rule.
Another possible way is to run in a GPO with loopback processing, while the bat file route add or powershell cmdlet new-roure.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
https://www.petri.com/run-startup-script-batch-file-with-administrative-privileges