Re: Escalation of privilege

From: Torgeir Bakken (MVP) (Torgeir.Bakken-spam_at_hydro.com)
Date: 11/18/03

Next message: anonymous_at_discussions.microsoft.com: "Re: I am a disaster"
Previous message: David Robbins: "Re: I am a disaster"
In reply to: Nicolas Macarez: "Re: Escalation of privilege"
Next in thread: Nicolas Macarez: "Re: Escalation of privilege"
Reply: Nicolas Macarez: "Re: Escalation of privilege"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 18 Nov 2003 23:57:31 +0100

Nicolas Macarez wrote:

> Hi Torgeir
> Many thanks for your tiny tool - but great in my case.
> It works, of course, but a new problem turn up: it's not the registry of
> the current user which is modified but the registry of the Aministrator
> account - and it's not fine at all.
>
> In fact, runas open an admin session behind the scenes, executes the scripts
> (and so modifies the HKEY_CURRENT_USER stuff, but the Aministrator account
> itself), and at last closes the session and gives you back the cursor.
> The HKEY_CURRENT_USER of the plain current user (the guy with no admin
> rights) is not modifed at all.
>
> I'm still searching for a workaround...

At least one of the buy-products can do this it looks like:

>From http://www.netexec.de/

<quote>
Temporary Administrator group memberships

Another feature that make NetExec a excellent choice for software installation
scenarios are extended group memberships. Using this feature it is possible to
run a process under a non-privileged user account, but inside this process the
user becomes also a member of the Administrators group. Therefore the app uses
the profile, settings and home directory of the non-privileged user account, but
runs with Administrator privileges.
</quote>

--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of the 1328 page
Scripting Guide: http://www.microsoft.com/technet/scriptcenter

Next message: anonymous_at_discussions.microsoft.com: "Re: I am a disaster"
Previous message: David Robbins: "Re: I am a disaster"
In reply to: Nicolas Macarez: "Re: Escalation of privilege"
Next in thread: Nicolas Macarez: "Re: Escalation of privilege"
Reply: Nicolas Macarez: "Re: Escalation of privilege"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: script to check username rights on local machine
... > to see if any usersnames are in the local administrator group can ... Assuming you have a Active Directory domain, ... Const OpenAsASCII = 0 ... torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway ...
(microsoft.public.scripting.vbscript)
Re: Listing Users that are Part of the Local Administrator Group
... I have an active directory 2003 domain environment and basically want to be able to generate a text file that lists the computers in my domain with the Domain users that belong to those computers' local Administrator group. ... Very new to Windows scripting, and I can't figure out how to pull the users from the local administrator group. ... fOutFile.WriteLine vbCrlF & "Other accounts:" fOutFile.WriteLine sOthers fOutFile.Close ...
(microsoft.public.scripting.vbscript)
Re: Add global security group to local administrators group
... security group to my local administrator group on my Windows 2000 / XP machines, any ideas, as always thanks in advance.. ... you will need to hard code the domain name the group belongs to in the ... torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway ...
(microsoft.public.scripting.vbscript)
Re: Cannot ad domain users to local administrators
... > administrator group on a windows xp prof sp2 machine i can't see the domain. ... -- torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway Administration scripting examples and an ONLINE version of the 1328 page Scripting Guide: ...
(microsoft.public.windowsxp.general)