[RESOLVED] Adding a registry key with VB6 as an administrator

I would like to use a VB6 program to add a registry key, but the workstations will be logged in as a power user and this key requires admin rights. Is there a way in VB6 to have the program add a registry key as the administrator account when the workstation is logged in as a power user? The password is the same for all our workstations so I can supply the username/password in the code.

Yes. The catch is that the admin has to set it up per workstation (so you still have to visit each PC and install an app), but once set up the user(s) that the admin specifies (by login name) can make changes. Take a look at http://www.vbforums.com/showthread.p...dInitializeSid

That's not quite what I'm looking for. I'm not looking to change permissions, I'm looking to add a key as with admin privileges. I will be running this program from a login script across our network. For example, below I have posted code that allows me to run a command line program or command as an admin. I can use this code if I have another program or a separate reg file, but I'd rather not do it that way. I'd rather have some way to say "run this following command as user administrator" right from this program.

Public Function W2KRunAsUser(ByVal UserName As String, _
ByVal Password As String, _
ByVal DomainName As String, _
ByVal CommandLine As String, _
ByVal CurrentDirectory As String) As Long

Dim si As STARTUPINFO
Dim pi As PROCESS_INFORMATION

Dim wUser As String
Dim wDomain As String
Dim wPassword As String
Dim wCommandLine As String
Dim wCurrentDir As String

Dim Result As Long

si.cb = Len(si)

wUser = StrConv(UserName + Chr$(0), vbUnicode)
wDomain = StrConv(DomainName + Chr$(0), vbUnicode)
wPassword = StrConv(Password + Chr$(0), vbUnicode)
wCommandLine = StrConv(CommandLine + Chr$(0), vbUnicode)
wCurrentDir = StrConv(CurrentDirectory + Chr$(0), vbUnicode)

Result = CreateProcessWithLogonW(wUser, wDomain, wPassword, _
LOGON_WITH_PROFILE, 0&, wCommandLine, _
CREATE_DEFAULT_ERROR_MODE, 0&, wCurrentDir, si, pi)
' CreateProcessWithLogonW() does not
If Result <> 0 Then
CloseHandle pi.hThread
CloseHandle pi.hProcess
W2KRunAsUser = 0
Else
W2KRunAsUser = Err.LastDllError
MsgBox "CreateProcessWithLogonW() failed with error " & Err.LastDllError, vbExclamation
End If

End Function

CreateProcessWithLogon will work but dont pass the argument to logon with profile. Also, the OpenProcessToken may be another route to take.

I think I'm not being very clear. I want to add a registry, but NOT by launching an external program. I want it all done within the VB program. Maybe it would look something like this...

'get admin rights and add to registry
LoginAsUser(Administrator, Password)
'write to registry now that you are logged in as admin
regCreate_A_Key HKEY_CURRENT_USER, "Software\MyTest\test"

Or maybe it would look something like this...

LaunchSubAsUser(username, password, SubToLaunch)

I have no idea how the code would look, but what I want to do is this... I want to insert the following reg key:
HKEY_CURRENT_USER, "Software\MyTest\test"
But a user without admin rights will be logged in and I need for it to be done with admin rights. The VB program will be launched from a login script and the workstations are not in a domain.

I hope this is understandable.:ehh:

Well how do you expect to access the registry if you dont create a new separate process with the credentials applied? You cant apply them to a already running process. Usually you will create an activex out of process process with the perms applied and do your task. This is the core security logic used in Vista's User Account Control.

Ok, so it seems what I'm trying to do is not possible. I need to launch a new process with the credentials applied. Going back to the code I posted, it works well using this, but only if I launch the new process locally on the workstation and not from the network. For example, if I try to launch this...

regedit /s z:\regfile.reg

It doesn't like it... apparently because it's on the network and not local to the workstation. If I launch this...

regedit /s c:\regfile.reg

It works fine. Any ideas why this would be?

Thanks for the help!

If I remember correctly, only newer OS' support remote registry connections. What OS are you testing this on? Woundlt it be easier to use an ActiveX EXE for the out of process part and execute it with CreatePrcessWithLogon and not passing the logon_with_profile?

What you can also do is place a remote exe file for just the registry stuff and run it on that workstation.

These are XP workstations. The workstation will be the one to execute the program (via the users login script). If I use put this in the login script...

regedit /s z:\regfile.reg

It works fine, but If I do the same thing from the code I pasted, it doesn't work unless I copy the reg file to the local hard drive. I'm not sure why, but I think it has something to do with it launching the program from the command line. If there was a way to launch it with this code, but NOT from the command line, then I think it would work. Is there a way to execute an external program with a specified user account, but not from the command line?

ActiveX might work, but I'm not familiar with creating ActiveX exe's. Not that I would be against going this route, but I wouldn't even know how to begin.

I should explain what I just posted. It works if I run "regedit /s z:\regfile.reg" from the login script as long as the user is an administrator. Because the workstations will not be logged in as administrators, I need to have a program launch it with the admin account.

Yes, it doesnt run because partly of the reason I just posted. I have a thread in CodeBank that uses WMI calls to execute a process on a local workstation. So you could copy the file over and then invoke it if you dont want it in the startup of the workstation but the startup is probably the best location.

I have done a small app before like this. The logon script generated a data file and my main app read in the data remotely.

I found out there is a way to do this without launching another process. It's called "ImpersonateLoggedOnUser". Here's the code...

Private Declare Function LogonUser Lib "advapi32.dll" Alias "LogonUserA" (ByVal lpszUsername As String, _
ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Long, _
ByVal dwLogonProvider As Long, phToken As Long) As Long

Private Declare Function ImpersonateLoggedOnUser Lib "advapi32.dll" (ByVal hToken As Long) As Long

Private Declare Function DeleteFile Lib "kernel32" Alias "DeleteFileA" (ByVal lpFileName As String) As Long

Private Declare Function RevertToSelf Lib "advapi32.dll" () As Long

Private Declare Function ShellExecute Lib "shell32.dll" Alias "ShellExecuteA" (ByVal hwnd As Long, _
ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory _
As String, ByVal nShowCmd As Long) As Long

Private Sub main()
Dim hnd As Long
Dim res As Long

If LogonUser("Administrator", ".", "mypassword", 2, 0, hnd) <> 0 Then
If ImpersonateLoggedOnUser(hnd) <> 0 Then
lngRet = SetValue(HKEY_LOCAL_MACHINE, "SYSTEM\...")
RevertToSelf
End If
End If
End Sub

I left out the code needed for writing to the registry because I didn't want this go get too long. As you can see, you can elevate the current process to another user, run the code you want to launch as an admin, and then return the process back to the user currently logged in. It works great!

Cool, I didnt know about ImpersonateLoggedOnUser. May really come in handy in the future. Thanks for posting :thumb: