Using SU in a script - KiXtart.org - official site

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Advanced Scripting » Using SU in a script

Page 1 of 1

1

Topic Options

#75738 - 2003-07-08 02:52 PM Using SU in a script
Anonymous Anonymous Unregistered	I'm trying to get the following scipt to work, but I'm getting an error because of the permissions. Can anyone tell me what I'm doing wrong? code: setl "SU_COMMANDLINE=Power.com" setl "SU_USERNAME=admin" setl "SU_PASSWORD=password" Shell su.exe The power.com is just a bat file I converted to a COM file. The command adds user/groups to local groups on a 2000 workstation. power.com needs to run with Administrative rights so I am using the local admin account on the computer.
Top

#75739 - 2003-07-08 02:58 PM Re: Using SU in a script
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	what is the exact error? does your com-executable work if you log on the machine as local admin and run it manually? _________________________ ! download KiXnet
Top

#75740 - 2003-07-08 03:10 PM Re: Using SU in a script
Sealeopard Sealeopard KiX Master Registered: 2001-04-25 Posts: 11165 Loc: Boston, MA, USA	code: Shell 'su.exe' ;or shell '%COMSPEC% /C su.exe' Also, please read the FAQ Forum under Installing an Application as an Admin and Not quite everything you wanted to know about RUN and SHELL . Finally, why not add the groups remotely. See for example adding group as... or Add domain group to local Admin group _________________________ There are two types of vessels, submarines and targets.
Top

#75741 - 2003-07-08 03:20 PM Re: Using SU in a script
Anonymous Anonymous Unregistered	I don't get any error message on the screen. the power.com launches, but nothing happens. My account has administrative rights and it does make the changes when I run it. The account I'm trying to run the command under is an account on the local machine. Does that make a difference in the SU command? P.S. DANG you guys answer quick! Thanks!
Top

#75742 - 2003-07-08 03:24 PM Re: Using SU in a script
Anonymous Anonymous Unregistered	Correction....it doesn't work when I'm logged in! :-( Power.com runs, but nothing happens at ALL! :-( But if I run power.com not in a script as myself, it does make the changes.
Top

#75743 - 2003-07-08 03:26 PM Re: Using SU in a script
Shawn Shawn Administrator Registered: 1999-08-13 Posts: 8611	Think that since your adding domain info into the local machine, that you would need to run this under a domain user account, not a local wkstn account ?! -Shawn Maybe SU_USERNAME="[domain admin]" SU_DOMAIN="[your domain]" [ 08. July 2003, 15:32: Message edited by: Shawn ]
Top

#75744 - 2003-07-08 03:35 PM Re: Using SU in a script
Anonymous Anonymous Unregistered	Using a domain account worked! That's a start/option!! I adding setl "SU_DOMAIN=@WKSTA" to the script to get it to use the local user account with the rights to do it, but that didn't work. Any clue how to get it to use a local account? Thanks!
Top

#75745 - 2003-07-08 03:40 PM Re: Using SU in a script
Shawn Shawn Administrator Registered: 1999-08-13 Posts: 8611	imho, think there is very little you can do about it ... rights are right. But depending on what this bat file is doing (assuming its issuing a bunch of NET xxx commands) ... maybe if you could map an admin share using domain credentials in your compiled bat file ? Since its compiled, might obfuscate the sensitive information enough to not be a concern ? Plus, not sure whether mapping an admin share will work. -Shawn [ 08. July 2003, 15:41: Message edited by: Shawn ]
Top

#75746 - 2003-07-08 03:53 PM Re: Using SU in a script
ChristopheM ChristopheM Hey THIS is FUN Registered: 2002-05-13 Posts: 311 Loc: STRASBOURG, France	hello, if your power.com need information of the path and other standard variables, you need to set the option of SU that prepares environment. by default, it seems that the environment is empty. usually, I add "-cb -e" to my su commandline. _________________________ Christophe
Top

#75747 - 2003-07-08 04:02 PM Re: Using SU in a script
Shawn Shawn Administrator Registered: 1999-08-13 Posts: 8611	Yeah, just did a little test here. Logged in a local admin and one is unable to add a domain group to local admins ... then mapped an admin share to the domain controller, then was able to add the group no problems ... -Shawn
Top

#75748 - 2003-07-08 04:02 PM Re: Using SU in a script
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	heh, just like I quessed, the util does not work on local admin... not sure did you even tried though... _________________________ ! download KiXnet
Top

#75749 - 2003-07-08 04:13 PM Re: Using SU in a script
Shawn Shawn Administrator Registered: 1999-08-13 Posts: 8611	Who you talking there jlo ? Must admit though, running NET by hand is producing some strange results ... it reports that the domain group was added, but sometimes doesn't show up. Also saw that it added the group as DOMAIN\Account Unknown ... ??? Almost as if there were SID problems ... not sure if its just my funky wkstn here or not ... I always thought that the DOMAIN switch directed NET.EXE to use the DOMAIN that the wkstn was joined to. Know thats true when logged in as domain user, not sure about local admin. [ 08. July 2003, 16:16: Message edited by: Shawn ]
Top

#75750 - 2003-07-08 04:19 PM Re: Using SU in a script
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	talking just about my initial comment (not direct) "it might not work with local account" and his about 5th reply "Using a domain account worked!" _________________________ ! download KiXnet
Top

#75751 - 2003-07-08 05:27 PM Re: Using SU in a script
Anonymous Anonymous Unregistered	FYI - The command I'm using is net localgroup
Top

Page 1 of 1

1

Previous Topic

Previous Topic View All Topics

View All Topics

Index Next Topic

Next Topic

Moderator: Glenn Barnas, NTDOC, Arend_, Jochen, Radimus, Allen, ShaneEP, Ruud van Velsen, Mart

Hop to:

Shout Box

Who's Online

0 registered and 952 anonymous users online.

Newest Members

ManuvdWielNL, Sir_Barrington, batdk82, StuTheCoder, M_Moore
17887 Registered Users

Generated in 0.65 seconds in which 0.565 seconds were spent on a total of 11 queries. Zlib compression enabled.

click tracking