ICC Home  /  Members  /  Meetings  /  Peer Support  /  Documentation  /  Projects


Admin Helper Script


Return to IT/SA Services Documentation: Active Directory

There is a learning curve to running with reduced credentials. In order to assist with this, Chris Hughes, who has now left IFAS, developed a script (below is an example specific to Steve). This script will be tied to "IF-ADML-" logons via the user profile setting on those accounts. You can also run it when logged on with your normal account from your"OU\User" script folder in the netlogon share (\\ad.ufl.edu\netlogon\ifas...). The script sets the registry value for explorer in separate processes. It also runs a cmd prompt, and two Explorer windows.


IF-ADML-SEL.vbs:

Set objNetwork = CreateObject("WScript.Network")
Set objShell = CreateObject("WScript.Shell")

If lcase (Left(objNetwork.UserName, 7)) = "if-adml" then
	Username = Right(objNetwork.UserName, Len(objNetwork.Username)-8)
Else
	Username = objNetwork.Username
End If

On Error Resume Next

Set objExplorer = WScript.CreateObject("InternetExplorer.Application", "IE_")
objExplorer.Navigate "file://ad.ufl.edu/netlogon/ifas/password.htm"   
objExplorer.ToolBar = 0
objExplorer.StatusBar = 0
objExplorer.Width = 400
objExplorer.Height = 350 
objExplorer.Left = 300
objExplorer.Top = 200
objExplorer.Visible = 1             

Do While (objExplorer.Document.Body.All.OKClicked.Value = "")
    Wscript.Sleep 250                 
Loop 

strPassword = objExplorer.Document.Body.All.UserPassword.Value
strButton = objExplorer.Document.Body.All.OKClicked.Value
objExplorer.Quit
Wscript.Sleep 250

If strButton = "Cancelled" Then
    Wscript.Quit
End If

call Runas("REG.EXE ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /V SeparateProcess /t reg_dword /d 1 /f ", strPassword)
WScript.Sleep 700
call Runas("Explorer.exe /root, c:\documents and settings\if-adml-sel\desktop ", strPassword)
WScript.Sleep 700
call Runas("Explorer.exe /e ", strPassword)
WScript.Sleep 700
call Runas("CMD.EXE /k", strPassword)
WScript.Sleep 1700

set objMin = CreateObject("Shell.Application")
objMin.MinimizeAll

Sub Runas(strProgram, strPassword)
	objShell.Run "runas.exe /user:UFAD\IF-ADMN-" & Username & " """ & strProgram & """"
	WScript.Sleep 200
	objShell.AppActivate "runas.exe"
	WScript.Sleep 200
	objShell.SendKeys strPassword
	WScript.Sleep 100
	objShell.SendKeys "~"
End Sub

Sub RunasNetonly(strProgram, strPassword)
	objShell.Run "runas.exe /netonly /user:UFAD\IF-ADMN-" & Username & " """ & strProgram & """"
	WScript.Sleep 200
	objShell.AppActivate "runas.exe"
	WScript.Sleep 200
	objShell.SendKeys strPassword
	WScript.Sleep 100
	objShell.SendKeys "~"
End Sub

Admin Helper Script


Return to IT/SA Services Documentation: Active Directory

For Setting Up a Management Station:
You may copy the text below into a text file named "admin.vbs". You have to execute it using cscript from a command prompt (cscript admin.vbs). The script sets the registry value for explorer in separate processes. It also runs a cmd prompt, two Explorer windows, and a Remote Assistance window.

This will be in the startup folder for IFAS IT servers as well as the admin station terminal server, and the custom MMC will be added as well. If you have any other additions, let Steve know.

Admin.vbs:

Set objNetwork = CreateObject("WScript.Network")
Set objShell = CreateObject("WScript.Shell")
Set objPassword = CreateObject("ScriptPW.Password") 
WScript.StdOut.Write ("What is the password for IF-ADMN-" & objNetwork.UserName & "?")
Password = objPassword.GetPassword()

call runas("REG.EXE ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /V SeparateProcess /t reg_dword /d 1 /f ", Password)
WScript.Sleep 500
call runas("CMD.EXE /k", Password)
WScript.Sleep 500
call runasNetonly("Explorer.exe /e ", Password)
WScript.Sleep 500
call runasNetonly("Explorer.exe /e ", Password)
WScript.Sleep 500
call runas("Explorer.exe \""hcp://CN=Microsoft%20Corporation,L=Redmond,S=Washington,C=US/Remote%20Assistance/Escalation/Unsolicited/Unsolicitedrcui.htm\""", Password)
WScript.Sleep 500

Sub Runas(Program, Password)
	objShell.Run "runas.exe /user:UFAD\IF-ADMN-" & objNetwork.UserName & " """ & Program & """"
	WScript.Sleep 100
	objShell.AppActivate "runas.exe"
	WScript.Sleep 100
	objShell.SendKeys Password
	WScript.Sleep 100
	objShell.SendKeys "~"
End Sub

Sub RunasNetonly(Program, Password)
	objShell.Run "runas.exe /netonly /user:UFAD\IF-ADMN-" & objNetwork.UserName & " """ & Program & """"
	WScript.Sleep 100
	objShell.AppActivate "runas.exe"
	WScript.Sleep 100
	objShell.SendKeys Password
	WScript.Sleep 100
	objShell.SendKeys "~"
End Sub

last edited 3 October 2006 by Steve Lasley