2 Replies Latest reply on Nov 1, 2008 4:52 PM by rsterling

    VBScript package and permissions issues

    Apprentice

      Hello,

       

      When I run my vb scripts using startasuser.exe everything is fine.  However, when I make a Windows Script host distribution package using my VBS, it runs as a service and does not have adequate permissions to perform the task correctly.  Lets look at the simple mock script below for instance.  If you run it manually by double clicking it, it retrieves the correct results.  When fired off my a scheduled task, it does not return the correct information.  It's more of a VB script question but does anyone know the correct code to get around this?  I tried "impersonate" but it doesn't help.

       

      'On Error Resume Next

      Const HKEY_CURRENT_USER = &H80000001

      strComputer = "."

      Set objRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}!
      .\root\default:StdRegProv")


      Set objFSO = CreateObject("Scripting.FileSystemObject")
      Set tf = objFSO.CreateTextFile("C:\zTEST.txt", True)

      strKeyPath = "Software\Microsoft\Notepad"
      strValueName = "lfFaceName"
      objRegistry.GetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,dwValue

      If IsNull(dwValue) Then
          tf.WriteLine "The registry key does not exist "
      Else
          tf.WriteLine "The registry key exists. (" & dwValue & ")"
      End If

      strKeyPath = "Software\M77777ft\Notepad"
      strValueName = "lfFaceName"
      objRegistry.GetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,dwValue

      If IsNull(dwValue) Then
          tf.WriteLine "The registry key does not exist "
      Else
          tf.WriteLine "The registry key exists. (" & dwValue & ")"
      End If


      strKeyPath = "Software\Microsoft\Notepad"
      strValueName = "lfFaceName"
      objRegistry.GetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,dwValue

      If IsNull(dwValue) Then
          tf.WriteLine "The registry key does not exist "
      Else
          tf.WriteLine "The registry key exists. (" & dwValue & ")"
      End If

      'Wscript.Echo "Complete"

        • 1. Re: VBScript package and permissions issues
          zman Master

          So it works with startasuser. Since you are trying to run and gather HKCU you will always have to use startasuser if the user is not a loca admin.  When you run without startasuser it is running under the local system account if the user is not a local admin. 

          • 2. Re: VBScript package and permissions issues
            Apprentice

            I figured it out.  Current User is local system so query WMI to get currently logged in user, then get the SID from that, then get the "current user" data from hkey_users + \SID

             

            ----------------------------------------------------------------------

             

            'On Error Resume Next

            Const HKEY_CURRENT_USER = &H80000001
            Const HKEY_USERS = &H80000003

            strComputer = "."
            Set objRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}!
            " & strComputer & "\root\default:StdRegProv")
            Set objFSO = CreateObject("Scripting.FileSystemObject")
            Set tf = objFSO.CreateTextFile("C:\zzpzz.txt", True)


            Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!
            " & strComputer & "\root\cimv2")

            Set Users = objWMIService.InstancesOf ("Win32_ComputerSystem")

            for each User in Users
               logonname = User.UserName
               strUsr    = Split(logonname,"\")(1)
               strDomain = Split(logonname,"\")(0)
               exit For
            next

            set colAccounts = objWMIService.ExecQuery _
                   ("select * From Win32_UserAccount where " _
                   & "name = '" & strUsr & "' AND domain = '" & strDomain & "'")

            For each objAccount in colAccounts
               strSID = objAccount.SID      
               exit For
            Next


            'wsh.echo "HKU-path for", logonname, vbNewLine & "HKEY_USERS\" & strSID & "\..."

            strKeyPath = strSID & "\Software\Microsoft\Notepad"
            strValueName = "lfFaceName"
            objRegistry.GetStringValue HKEY_USERS,strKeyPath,strValueName,dwValue

            If IsNull(dwValue) Then
                tf.WriteLine "The registry key does not exist  (" & strUsr & ")"
            Else
                tf.WriteLine "The registry key exists. (" & dwValue & " - " & strUsr & ")"
            End If


            strKeyPath = strSID & "\Software\Micro9soft\Notepad"
            strValueName = "lfFaceName"
            objRegistry.GetStringValue HKEY_USERS,strKeyPath,strValueName,dwValue

            If IsNull(dwValue) Then
                tf.WriteLine "The registry key does not exist  (" & strUsr & ")"
            Else
                tf.WriteLine "The registry key exists. (" & dwValue & " - " & strUsr & ")"
            End If

            strKeyPath = strSID & "\Software\Microsoft\Notepad"
            strValueName = "lfFaceName"
            objRegistry.GetStringValue HKEY_USERS,strKeyPath,strValueName,dwValue

            If IsNull(dwValue) Then
                tf.WriteLine "The registry key does not exist  (" & strUsr & ")"
            Else
                tf.WriteLine "The registry key exists. (" & dwValue & " - " & strUsr & ")"
            End If