Re: Allow script to run in Admin context

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Torgeir Bakken \(MVP\) (Torgeir.Bakken-spam_at_hydro.com)
Date: 06/23/04

• Next message: Remo: "modify Local area connection property settings"
• Previous message: Viatcheslav V. Vassiliev: "Re: JScript question"
• In reply to: Mark Irvine: "Allow script to run in Admin context"
• Messages sorted by: [ date ] [ thread ]

---

Date: Wed, 23 Jun 2004 11:25:06 +0200

Mark Irvine wrote:

> What I would like to know is, can I configure the logon script to run in an
> admin context? Or is there an easier way to schedule a task?
Hi

You might get something to work using a Runas wrapper utility or
similar, take a look here:

http://groups.google.com/groups?selm=3FE0B42C.773CA875%40hydro.com

You may also want to check NeoExec ( http://www.neovalens.com ), the
main difference is that it does not require the use of a second account,
as all RunAs derivatives requires.

Alternatively, if you are running Active Directory:

You could do it in a computer startup script (with a GPO) that runs as
part of the boot up process (before the user logs in). It runs under the
system context and has admin rights.

To be able to access files (e.g. snetcfg.exe) over the network from the
computer startup script, you could put the file(s) on a network share
and grant read access for the AD group "Domain Computers" to the share.

Alternatively, from the startup script, you could map a drive on
the fly, like this:

sDomainUser = "arp.corp\computer_fix"
sPswd = "something"

Set oNetwork = CreateObject("Wscript.Network")

oNetwork.MapNetworkDrive _
     "Y:", "\\server\netlogon\some folder",, sDomainUser, sPswd

-- 
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/community/scriptcenter/default.mspx

---

• Next message: Remo: "modify Local area connection property settings"
• Previous message: Viatcheslav V. Vassiliev: "Re: JScript question"
• In reply to: Mark Irvine: "Allow script to run in Admin context"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: Cmd Line adding users, Im sure it has been asked but.... ... The following command will add a user named joe with password "password" to ... If you run these commands from a computer startup script, ... Copy the batch file into this directory (which will ... (microsoft.public.win2000.cmdprompt.admin) Re: Login Script ... >> net localgroup administrators yourdomainname\%username% /ADD ... >> group IF you are using Machine Startup Script through a GPO as suggested ... > At the time that a Computer Startup Script runs, ... > NO user and the %username% variable is holds no value. ... (microsoft.public.win2000.active_directory) Re: writing to a share during computer startup script ... > We have recently implemented a GPO with a computer startup script to ... > restore our required support accounts to the local administrators group ... > startup script it does not add the entry to the log file. ... (microsoft.public.scripting.vbscript) Re: Logon Script ... Make it a computer startup script instead of a user login script. ... startup script run under the context of the system account which has the ... privileges of the local administrator of the machine. ... (microsoft.public.windows.group_policy)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Scripting  > microsoft.public.scripting.wsh  > 2004-06