none
Scrip to write into registry with a query RRS feed

  • Question

  • Hello,

    I'm not a specialist for scripting at all, but i made a good start.

    I'd like to write a script to make some softwares run as an administrator (W8 issues).

    So I made this script below, it works great:

    Call ElevateUAC
    
    const HKEY_LOCAL_MACHINE=&H80000002
    
    sSubkey="SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers"
    sVname="F:\test\MyProgram.exe"
    aValue="~ RUNASADMIN"
    
    set svc=GetObject("winmgmts:root\default:StdRegProv")
    iRet=svc.SetStringValue(HKEY_LOCAL_MACHINE,sSubkey,sVname,aValue)
    set svc=nothing
    
    if iRet=0 then wscript.echo "done" else wscript.echo "failed"
    
    Sub ElevateUAC
        If Not WScript.Arguments.Named.Exists("elevated") Then
            'Launch the script again as administrator
            With CreateObject("Shell.Application")
            .ShellExecute "wscript.exe", """" & _
                WScript.ScriptFullName & """ /elevated", "", "runas", 1
                WScript.Quit
            End With
        End If
    End Sub

    But I have several programs, not necessarily the same for each computer and the next ones.

    So I would like to add a query for "sVname" in the purpose to add every .exe from a drive, with a query like the one below, but I don't know how add it in my script.

    Dim Obj
     Dim Wmi :Set Wmi = GetObject("winmgmts:\\.\root\cimv2")
     Dim Col :Set Col = Wmi.ExecQuery( _
     "Select * from CIM_DataFile Where Extension = 'exe' And Drive='D:'")
      If Col.count = 0 Then
      WScript.Echo "No .exe to add."
      WScript.Quit
      Else
       For Each Obj in Col
        Wscript.Echo Obj.Drive & Obj.Path & Obj.FileName & "." & Obj.Extension
       Next
      End if

    Can this be done?

    Thanks



    • Edited by AG_G1 Friday, January 9, 2015 1:13 PM
    Friday, January 9, 2015 10:55 AM

Answers

  • Thanks jrv, but that doesn't fix my problem.

    So I found out by myself, and I'm answering to my question and not for an alternative solution...:

    Call ElevateUAC
    
    const HKEY_LOCAL_MACHINE=&H80000002
    
    sSubkey="SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers"
    aValue="~ RUNASADMIN"
    
    set svc=GetObject("winmgmts:root\default:StdRegProv")
    Dim Obj
     Dim Wmi :Set Wmi = GetObject("winmgmts:\\.\root\cimv2")
     Dim Col :Set Col = Wmi.ExecQuery( _
     "Select * from CIM_DataFile Where Extension = 'exe' And Drive='F:'")
      If Col.count = 0 Then
      WScript.Echo "No .exe to add."
      WScript.Quit
      Else 
       For Each Obj in Col
       	sVname=Obj.Drive & Obj.Path & Obj.FileName & "." & Obj.Extension
    	Wscript.Echo sVname
    	iRet=svc.SetStringValue(HKEY_LOCAL_MACHINE,sSubkey,sVname,aValue)
    		if iRet=0 then wscript.echo "done" else wscript.echo "failed"
       Next 
      End if 
      set svc=nothing
      
      Sub ElevateUAC
        If Not WScript.Arguments.Named.Exists("elevated") Then
            'Launch the script again as administrator
            With CreateObject("Shell.Application")
            .ShellExecute "wscript.exe", """" & _
                WScript.ScriptFullName & """ /elevated", "", "runas", 1
                WScript.Quit
            End With
        End If
    End Sub

    • Marked as answer by AG_G1 Friday, January 16, 2015 4:56 PM
    Friday, January 16, 2015 4:56 PM

All replies

  • What is the purpose of this script? (You can't bypass the UAC prompt, if that's what you're trying to do.)

    -- Bill Stewart [Bill_Stewart]

    • Marked as answer by AG_G1 Friday, January 9, 2015 4:34 PM
    • Unmarked as answer by AG_G1 Friday, January 9, 2015 4:34 PM
    Friday, January 9, 2015 3:58 PM
    Moderator
  • It's not really the UAC prompt my problem.


    I have list of exe from a drive that I want to be run as administrator.

    So I would like to write into the registry in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers all my softwares with the value "~ RUNASADMIN".

    But with my script I can specify just one software. So it would be perfect if I could do a select like below, then the script write a ValueName for each .exe found:

    "Select * from CIM_DataFile Where Extension = 'exe' And Drive='D:'")


    Friday, January 9, 2015 4:31 PM
  • Please note that your registry setting will not work in Windows 8 and later.  The RUNAS string has characters that are apparently not allowed in later systems.

    Use HKCU instead of HKLM.

    Please see this article for insructions: https://www.novell.com/support/kb/doc.php?id=7010269

    To get a list of file paths from a drive do the following.

    $exepaths=Get-ChildItem d:\* -Include *.exe -recurse  |%{$_.Fullname}

    This is much faster than WMI.


    ¯\_(ツ)_/¯


    • Edited by jrv Friday, January 9, 2015 4:57 PM
    Friday, January 9, 2015 4:51 PM
  • Please note that it may not be a good idea to always run a program as an admin.  You may also become annoyed when using a program that always prompts for elevation even when you don't need it.

    I recommend HKCU as other admins may not want this to happen.  It is a personal choice.  Most programs from Microsoft like RegEdit, REG , TaskMgr etc already elevate themselves by design.  The AppCompat key should be used judiciously although it presents no real security issues it can lead you to make mistakes when not needing elevation.

    I am still a fan of not running in an admin account if at all possible.


    ¯\_(ツ)_/¯

    Friday, January 9, 2015 5:02 PM
  • I have list of exe from a drive that I want to be run as administrator.

    Why?


    -- Bill Stewart [Bill_Stewart]

    Friday, January 9, 2015 5:18 PM
    Moderator
  • In the association where I work, we have old and new softwares. Among the old ones (really old), we have to turn off UAC since Vista. And now, since W8, we have to execute as an administrator; even if we have local admin rights. Except if I'm with the Administrator user.

    So, that's why I need to set the .exe with the flag "run as an administrator".

    And I prefer to use HKLM instead HKCU because there are usually some different users on the same computer.

    Well, my first script up there works perfectly. But I'd like to avoid executing as much scripts as I have .exe.

    If a select is impossible, may I could read the paths from an other file? But I don't know how to do that too.

    Monday, January 12, 2015 9:31 AM
  • Why not do it the way the system does it?  Usr the SDK tools to tag the EXEs so they automaticallly ask for elevation.  That way you don't have to alter the registry and the location of the files won't matter.


    ¯\_(ツ)_/¯

    Monday, January 12, 2015 9:46 AM
  • I know almost nothing in development...
    Monday, January 12, 2015 1:50 PM
  • In the association where I work, we have old and new softwares. Among the old ones (really old), we have to turn off UAC since Vista.

    It is not recommended to disable UAC. UAC should be left on because it reveals these kinds of problems. If someone demands to disable UAC, this means there is an application compatibility problem, not a UAC problem.

    And now, since W8, we have to execute as an administrator; even if we have local admin rights. Except if I'm with the Administrator user.

    That is one of the purposes of UAC - to keep people from running as administrator all the time, like was common on earlier Windows versions.


    -- Bill Stewart [Bill_Stewart]

    Monday, January 12, 2015 3:17 PM
    Moderator
  • I know but I don't have the choice. Those old softwares gonna still be used for the next two years. And there won't be any update from our developers...

    So far, I go through a .reg file where I modify the paths of the .exe with a "Find and Replace".

    So any help for my script would be great!
    Monday, January 12, 2015 4:35 PM
  • This is really an application compatibility question and not a scripting question.

    I would recommend using the application compatibility toolkit to find out why the application thinks it needs to run as administrator and fix the actual underlying problem.


    -- Bill Stewart [Bill_Stewart]

    Monday, January 12, 2015 4:48 PM
    Moderator
  • Here is the tool that marks executables for "AutoElevation"  It is very easy to runand only needs to tage the EXE once.  It also adds a signature to teh EXE so that the elevation is secure.  YOurmethod is actuallyvery dangerous.

    http://msdn.microsoft.com/en-us/library/aa375649(v=vs.85).aspx

    THe SDK is a free download.


    ¯\_(ツ)_/¯

    Monday, January 12, 2015 5:28 PM
  • Thanks jrv, but that doesn't fix my problem.

    So I found out by myself, and I'm answering to my question and not for an alternative solution...:

    Call ElevateUAC
    
    const HKEY_LOCAL_MACHINE=&H80000002
    
    sSubkey="SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers"
    aValue="~ RUNASADMIN"
    
    set svc=GetObject("winmgmts:root\default:StdRegProv")
    Dim Obj
     Dim Wmi :Set Wmi = GetObject("winmgmts:\\.\root\cimv2")
     Dim Col :Set Col = Wmi.ExecQuery( _
     "Select * from CIM_DataFile Where Extension = 'exe' And Drive='F:'")
      If Col.count = 0 Then
      WScript.Echo "No .exe to add."
      WScript.Quit
      Else 
       For Each Obj in Col
       	sVname=Obj.Drive & Obj.Path & Obj.FileName & "." & Obj.Extension
    	Wscript.Echo sVname
    	iRet=svc.SetStringValue(HKEY_LOCAL_MACHINE,sSubkey,sVname,aValue)
    		if iRet=0 then wscript.echo "done" else wscript.echo "failed"
       Next 
      End if 
      set svc=nothing
      
      Sub ElevateUAC
        If Not WScript.Arguments.Named.Exists("elevated") Then
            'Launch the script again as administrator
            With CreateObject("Shell.Application")
            .ShellExecute "wscript.exe", """" & _
                WScript.ScriptFullName & """ /elevated", "", "runas", 1
                WScript.Quit
            End With
        End If
    End Sub

    • Marked as answer by AG_G1 Friday, January 16, 2015 4:56 PM
    Friday, January 16, 2015 4:56 PM