Run as normal user (not as admin) when user is admin


7 replies to this topic
Maestr0
  • Members
  • 652 posts
  • Last active: Aug 17 2019 06:07 PM
  • Joined: 18 Oct 2008
Hi there,

I've found that if the logged-in user is an admin, any run command will be run as admin.
For instance, this is a problem with Google Chrome (the auto-updater won't work: see wrench > about).

Is it possible to perform a run command without admin privileges? I would rather not ask the user to supply logins for a standard user (i.e. use runas)... it doesn't seem logical (to me) that an admin could not run a program with standard privileges.

Example:

If I'm logged in as an admin (A_IsAdmin = 1) then doing the script below will give an error (Update server not found (error: 3)) connecting to Google Chrome updater.
run, C:\Users\%A_UserName%\AppData\Local\Google\Chrome\Application\chrome.exe

NOTE: you'll need to close all instances of Chrome, else it will display the update message from the older instance.

Any help would be greatly appreciated.

nimda
  • Members
  • 4368 posts
  • Last active: Aug 09 2015 02:36 AM
  • Joined: 26 Dec 2010
Run as standard (limited) user

Maestr0
  • Members
  • 652 posts
  • Last active: Aug 17 2019 06:07 PM
  • Joined: 18 Oct 2008
Thanks Nimda! That looks promising, wonder why my search didn't turn that one up, must be PEBKAC-related.

However, I should have mentioned this earlier, I'm using AutoHotkey_L version 1.1.07.01.

If I get a working script, I'll post it below.

nimda
  • Members
  • 4368 posts
  • Last active: Aug 09 2015 02:36 AM
  • Joined: 26 Dec 2010

> However, I should have mentioned this earlier, I'm using AutoHotkey_L version 1.1.07.01.

Try the Scheduler version in that thread.

Maestr0
  • Members
  • 652 posts
  • Last active: Aug 17 2019 06:07 PM
  • Joined: 18 Oct 2008

> Try the Scheduler version in that thread.


This one?
RunAsUser(Target, Arguments, WorkingDirectory)
{
   static TASK_TRIGGER_REGISTRATION := 7   ; trigger on registration. 
   static TASK_ACTION_EXEC := 0  ; specifies an executable action. 
   static TASK_CREATE := 2
   static TASK_RUNLEVEL_LUA := 0
   static TASK_LOGON_INTERACTIVE_TOKEN := 3
   objService := ComObjCreate("Schedule.Service") 
   objService.Connect() 

   objFolder := objService.GetFolder("") 
   objTaskDefinition := objService.NewTask(0) 

   principal := objTaskDefinition.Principal 
   principal.LogonType := TASK_LOGON_INTERACTIVE_TOKEN    ; Set the logon type to TASK_LOGON_INTERACTIVE_TOKEN 
   principal.RunLevel := TASK_RUNLEVEL_LUA  ; Tasks will be run with the least privileges. 

   colTasks := objTaskDefinition.Triggers
   objTrigger := colTasks.Create(TASK_TRIGGER_REGISTRATION) 
   endTime += 1, Minutes  ;end time = 1 minutes from now 
   FormatTime,endTime,%endTime%,yyyy-MM-ddTHH`:mm`:ss
   objTrigger.EndBoundary := endTime
   colActions := objTaskDefinition.Actions 
   objAction := colActions.Create(TASK_ACTION_EXEC) 
   objAction.ID := "7plus run" 
   objAction.Path := Target
   objAction.Arguments := Arguments
   objAction.WorkingDirectory := WorkingDirectory ? WorkingDirectory : A_WorkingDir
   objInfo := objTaskDefinition.RegistrationInfo
   objInfo.Author := "7plus" 
   objInfo.Description := "Runs a program as non-elevated user" 
   objSettings := objTaskDefinition.Settings 
   objSettings.Enabled := True 
   objSettings.Hidden := False 
   objSettings.DeleteExpiredTaskAfter := "PT0S"
   objSettings.StartWhenAvailable := True 
   objSettings.ExecutionTimeLimit := "PT0S"
   objSettings.DisallowStartIfOnBatteries := False
   objSettings.StopIfGoingOnBatteries := False
   objFolder.RegisterTaskDefinition("", objTaskDefinition, TASK_CREATE , "", "", TASK_LOGON_INTERACTIVE_TOKEN ) 
}


nimda
  • Members
  • 4368 posts
  • Last active: Aug 09 2015 02:36 AM
  • Joined: 26 Dec 2010
Yes.

(Sorry, most of this is beyond me. UAC is ridiculously complicated.)

Maestr0
  • Members
  • 652 posts
  • Last active: Aug 17 2019 06:07 PM
  • Joined: 18 Oct 2008

> Yes.
>
> (Sorry, most of this is beyond me. UAC is ridiculously complicated.)


No worries, it worked wonders! Thanks a lot!
This is like magic to me, but as long as it works, I'm not complaining.

The only issue I have now is that I don't see an errorlevel if the file in question doesn't exist or if there's another error running it.

This code works for me:
command = C:\Users\%A_UserName%\AppData\Local\Google\Chrome\Application\chrome.exe
arguments =
path = C:\Users\%A_UserName%\AppData\Local\Google\Chrome\Application

RunAsUser(command, arguments, path)

RunAsUser(Target, Arguments, WorkingDirectory)
{
   static TASK_TRIGGER_REGISTRATION := 7   ; trigger on registration. 
   static TASK_ACTION_EXEC := 0  ; specifies an executable action. 
   static TASK_CREATE := 2
   static TASK_RUNLEVEL_LUA := 0
   static TASK_LOGON_INTERACTIVE_TOKEN := 3
   objService := ComObjCreate("Schedule.Service") 
   objService.Connect() 

   objFolder := objService.GetFolder("") 
   objTaskDefinition := objService.NewTask(0) 

   principal := objTaskDefinition.Principal 
   principal.LogonType := TASK_LOGON_INTERACTIVE_TOKEN    ; Set the logon type to TASK_LOGON_INTERACTIVE_TOKEN 
   principal.RunLevel := TASK_RUNLEVEL_LUA  ; Tasks will be run with the least privileges. 

   colTasks := objTaskDefinition.Triggers
   objTrigger := colTasks.Create(TASK_TRIGGER_REGISTRATION) 
   endTime += 1, Minutes  ;end time = 1 minutes from now 
   FormatTime,endTime,%endTime%,yyyy-MM-ddTHH`:mm`:ss
   objTrigger.EndBoundary := endTime
   colActions := objTaskDefinition.Actions 
   objAction := colActions.Create(TASK_ACTION_EXEC) 
   objAction.ID := "7plus run" 
   objAction.Path := Target
   objAction.Arguments := Arguments
   objAction.WorkingDirectory := WorkingDirectory ? WorkingDirectory : A_WorkingDir
   objInfo := objTaskDefinition.RegistrationInfo
   objInfo.Author := "7plus" 
   objInfo.Description := "Runs a program as non-elevated user" 
   objSettings := objTaskDefinition.Settings 
   objSettings.Enabled := True 
   objSettings.Hidden := False 
   objSettings.DeleteExpiredTaskAfter := "PT0S"
   objSettings.StartWhenAvailable := True 
   objSettings.ExecutionTimeLimit := "PT0S"
   objSettings.DisallowStartIfOnBatteries := False
   objSettings.StopIfGoingOnBatteries := False
   objFolder.RegisterTaskDefinition("", objTaskDefinition, TASK_CREATE , "", "", TASK_LOGON_INTERACTIVE_TOKEN ) 
}
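
Added example, not part of the original posts: one way to get the error signal missing from the script above and to confirm that the launched program really holds a non-elevated token. It assumes the RunAsUser function posted above and AutoHotkey_L v1.1; RunAsUserChecked and IsProcessElevated are hypothetical helper names.

```autohotkey
; Added example, not from the thread. RunAsUserChecked and IsProcessElevated are
; hypothetical names; RunAsUser is the function posted above.
; Returns "" on success, otherwise a description of what went wrong.
RunAsUserChecked(Target, Arguments = "", WorkingDirectory = "", TimeoutSec = 10)
{
    if (!FileExist(Target))                   ; the task would otherwise fail unnoticed
        return "Target not found: " . Target
    try
        RunAsUser(Target, Arguments, WorkingDirectory)
    catch e                                   ; COM error from Schedule.Service
        return "Task registration failed: " . e.Message
    SplitPath, Target, exeName
    ; Matches by image name, so an instance that was already running also counts.
    Process, Wait, %exeName%, %TimeoutSec%    ; ErrorLevel = PID, or 0 on timeout
    pid := ErrorLevel
    if (!pid)
        return exeName . " did not start within " . TimeoutSec . " s"
    elevated := IsProcessElevated(pid)
    if (elevated = 1)
        return exeName . " (PID " . pid . ") is running elevated"
    if (elevated = -1)
        return "Could not read the token of PID " . pid
    return ""
}

; 1 = elevated token, 0 = not elevated, -1 = query failed.
IsProcessElevated(pid)
{
    static PROCESS_QUERY_LIMITED_INFORMATION := 0x1000
    static TOKEN_QUERY := 0x8, TokenElevation := 20
    hProc := DllCall("OpenProcess", "UInt", PROCESS_QUERY_LIMITED_INFORMATION
        , "Int", 0, "UInt", pid, "Ptr")
    if (!hProc)
        return -1
    result := -1, hToken := 0, isElevated := 0, size := 0
    if (DllCall("advapi32\OpenProcessToken", "Ptr", hProc, "UInt", TOKEN_QUERY, "Ptr*", hToken))
    {
        ; TOKEN_ELEVATION is a single DWORD: TokenIsElevated
        if (DllCall("advapi32\GetTokenInformation", "Ptr", hToken, "Int", TokenElevation
            , "UInt*", isElevated, "UInt", 4, "UInt*", size))
            result := isElevated ? 1 : 0
        DllCall("CloseHandle", "Ptr", hToken)
    }
    DllCall("CloseHandle", "Ptr", hProc)
    return result
}
```

Call it with the same three arguments as RunAsUser and treat any non-empty return value as the failure reason.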


b0dhikey
  • Members
  • 44 posts
  • Last active: Nov 06 2015 02:43 AM
  • Joined: 26 Jan 2014

I want to give my AutoHotkey main script (which has a lot of scripts inside of it, especially delete commands which need admin permission) full admin permission, but I want to run most of my programs as non-admin (through hotkeys).
It seems that UAC doesn't need to prompt to run as admin so long as the AHK was run as admin.

 

Is this really the simplest way to run as a limited user?