1
On a Windows Vista Business machine, I have Windows Task Scheduler task set to run everytime any user logs in. The task runs as a certain elevated admin user because the script is being executed from a fileserver that requires that user's authentication for access and the script in question will be performing operations that need full control of the machine it's being executed on. The script runs great, accesses the network resources, and does administrative tasks fantastically, however, the %username% and other environment variables are for elevated user and not the user who has actually logged in.
Is there a way to run the task elevated with the current logged in user's environment variables? Or is there some way I can find out what account the elevated prompt has been executed from within (if I can find this out, I can get the environment variables for that user)?
To help make my question more clear, here's a scenario and a line from my script. Suppose the regular non-admin user named Bob logs in. Task Scheduler fires the script as an elevated user iAmAdmin. The script executes a command:
eventcreate /t information /id 118 /l SYSTEM /so "My Script" /d "%username% logged in on %date% at %time%"
The %username% in the description shows up as iAmAdmin instead of Bob. Is there a way to get the %username% (or any other environment variables) for the account from which the elevated prompt was started (i.e. Bob shows up for %username% instead of iAmAdmin since Bob's account is the one that is logged in)?
(Note: the use of eventcreate was just an example. The script does a lot more than that, so the issue here isn't with eventcreate, but some of the operations require the actual logged in users environment variables.)
Trav
Posted 2012-05-11T14:10:43.907
Reputation: 908
Is the entire scheduled task configured to run under "Bob" or "iAmAdmin"? – user1686 – 2012-05-11T14:13:40.923
iAmAdmin is the user account that launches the task. The trigger is when any user logs in. – Trav – 2012-05-11T14:20:44.407
In that case, "Or is there some way I can find out what account the elevated prompt has been executed from within" can be answered as no, because it wasn't executed from within another account -- it's actually running "on the side", started by Task Scheduler under "iAmAdmin". – user1686 – 2012-05-11T14:23:17.760
(Also, regarding the specific example of
eventcreate-- the same kind of logging is already performed by the Security log in Windows, if logon auditing is enabled.) – user1686 – 2012-05-11T14:25:15.073Well, my reasons for using eventcreate is that I want to be able to check to see when the script runs. The custom ID, Source, et al makes it easy for me to track stuff that happens in the script. The login message was just an example :) – Trav – 2012-05-11T14:31:20.150
As grawity is saying there is no relation between Bob and iAmAdmin when the script is started in Task Scheduler under iAmAdmin. As a hack your script could find out which 'normal' user is currently logged on to the machine (assuming there is only one) and then use that username. How to do this depends on your scripting technology. – Peter Hahndorf – 2012-05-11T14:45:21.580
Right now, I'm just using plain ol' batch scripts, but I'm not opposed to getting to know WSH, and this is as good of an excuse as any to learn. I was just hoping there'd be a quick way from a batch file. – Trav – 2012-05-11T14:55:55.363