New
#11
the sript is located at this location:
\\labs.local\SysVol\labs.local\Policies\{30938D30-4C30-4038-8CD8-420AF8CA33AA}\Machine\Scripts\Startup
Last edited by epulone; 22 Sep 2018 at 13:15.
the sript is located at this location:
\\labs.local\SysVol\labs.local\Policies\{30938D30-4C30-4038-8CD8-420AF8CA33AA}\Machine\Scripts\Startup
Last edited by epulone; 22 Sep 2018 at 13:15.
I have place the batch script on my Desktop and it still worked maybe something wrong with your batch script.
Are you using program named Runas?
yes I am using RunAs program. This is very useful because when i install some program where they need admin right to run I can update the program by batch file.
For example in my case I have to add on this program wireshark (it works only with admin right). Once i have exported a backup file where workshark is included I can deploy it to all pcs. The script basically start the runAs pass the credentials (user/password) and import the file exported .
The script doesn't work when I use it with the normal user even i click run as administrator (appear the admin error).
If i log as local admin it works fine.....so I don think the problem is the script for itself.
I am thinking maybe the issue could be the exported file location. I store it in \\labs.local\NETLOGON\run_as\wire_shark.rnt
This folder is visible from the client machine
I'm thinking its the Runas program causing the issue have you tried running your script without Runas program.
I have a batch script which backs up registry hives can you please try this batch script without any changes to it and let me know if the script worked or not.
See if the registry hives are backed up to C:\Registry_Backups folder.
runas isn't a program really. It is a standard part of windows command shell.
It works if run as a local administrator, otherwise it fails - it doesn't stop as there is no error handling - it just makes zero byte output files.
The script suppresses messages but if you remove this running as standard user givesI don't know of any way to run programs at startup for non local-admins unless you specify a (not disabled) user/password of an account that does have local admin rights.Code:<snip> C:\Users\Hali\Downloads>REG SAVE HKU\.DEFAULT C:\Registry_Backups\DEFAULT ERROR: A required privilege is not held by the client. C:\Users\Hali\Downloads>REG SAVE HKLM\SAM C:\Registry_Backups\SAM ERROR: A required privilege is not held by the client. C:\Users\Hali\Downloads>REG SAVE HKLM\SECURITY C:\Registry_Backups\SECURITY ERROR: Access is denied. C:\Users\Hali\Downloads>REG SAVE HKLM\SOFTWARE C:\Registry_Backups\SOFTWARE ERROR: A required privilege is not held by the client. <snip>
Sorry for the misunderstanding, I am using this program:
RunAsTool v1.3
For a remote update I am using this batch file:
RunAsTool.exe “/U=Admin” “/P=PassWord” “/I= location of Import.rnt”
Sorry - I assumed the built in tool function.
Looking at their website though would it not mean that would have to have local admin user "Admin" set up and enabled with the same password on all 100 PCs? It doesn't work with domain accounts according to the comments on their website.
In any case while privilege escalation is easy for local admins (or if you enter a local user/password), no program can circumvent Windows security for standard user accounts (that I know of).
Looks like its the program causing the issue.