VB Scripts and UAC elevation

VB Scripts and UAC elevation

With User Account Control (UAC) enabled in Windows 7, one needs to open an elevated Command Prompt in order to run scripts under administrative privileges. Although the elevated Command Prompt accomplishes the task, the question How to run as script under elevated privileges/admin privileges

1. without using the Command Prompt?
2. without user being admin on machine?

We can achieve the same by GPO which can deploy application etc. using system account but it doesn’t solve the purpose where only selected users need to install applications with no admin rights on machine.

Scenario in my organization

We have intranet site in our organization with downloads page for installation of any software’s for users.

Downloads page has a link to .vbs script which installs the software from local available repository when users click on the link
Problem is that users with no admin rights on local machine cannot install software especially in windows 7 as most of our users have been migrated to windows 7 with no administrator rights.

Solution:

We created a script which can install the software on any machine with no admin privileges

We encoded the final script to protect from users

Below is the script:
******************************************************************
Option Explicit

Dim MyArr, i, IPaddress, tstr, Subnet2, Subnet3
Dim SCSserver,MapPath,oWshShell

Dim strArgs, strAdminUser, strAdminPass
Dim objFSO, wshNetwork, strComputer, objShell, strCommand

Set objFSO = WScript.CreateObject(“Scripting.FileSystemObject”)
Set wshNetwork = WScript.CreateObject(“WScript.Network”)
Set objShell = WScript.CreateObject(“WScript.Shell”)

‘Enter your domain admin user id/password or account with admin privelliges on your organisation machines
strAdminUser = “domain\userid”
strAdminPass = “password”

Dim WSHShell
Dim objNTInfo
Dim GetComputerName

Set objNTInfo = CreateObject(“WinNTSystemInfo”)
GetComputerName = lcase(objNTInfo.ComputerName)

Set WSHShell = WScript.CreateObject(“WScript.Shell”)

If WScript.Arguments.Count < 1 Then
Call Normal_User_Commands
ElseIf WScript.Arguments(0) = “AsAdmin” Then
Call Admin_User_Commands
Else
MsgBox “Unknown Argument received”
End If

Sub Normal_User_Commands
‘MsgBox “Running as initiating user”
strComputer = GetComputerName
‘Download psexec.exe and copy it on network as we are using psexec.exe
strCommand = “cmd /c <Path for psexec.exe> \\” & strComputer & ” -i -u ” & strAdminUser & ” -p ” & strAdminPass & ” wscript.exe <complete path for your script which installs application/software.vbs> “”AsAdmin”””
objShell.Run strCommand, 0, True
End Sub

Sub Admin_User_Commands
‘Now running as Administrator on the target machine
‘MsgBox “Running as Admin”
strCommand = “notepad.exe”
objShell.Run strCommand, 0, True
End Sub
********************************************************************

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s