How could I allow a user to run some software with giving them admin …..so after a while I came up with this:
Make a batch file that uses PS Tools then wrap the batch file up into an exe so the user can’t get to the admin password!!
Download and extract PS Tools from Microsoft http://technet.microsoft.com/en-us/sysinternals/bb896649
I normally delete all the tools I don’t use i.e. keep PSEXEC.exe (also it may be an idea to run psexec.exe prior to the script to get rid of the annoying disclaimer screen!
Create an administrator for the machine and remember the username and password.
In the folder with PS Tools create a batch file to run your desired software as an administrator, could look similar to this:
@Excho off psexec.exe -u DOMAIN\ADMIN_USER -p ADMIN_PASSWORD -i -d “C:\Program Files\Internet Explorer\iexplore.exe” Exit
Save the script and give it a test. I tested the script with IE as normal users don’t have access to the tools menu whereas Admins do.
Now to wrap the batch file:
Download this brilliant batch to exe application: https://f2ko.de/programme/bat-to-exe-converter/
Run it in either 32 bit or 64 bit, here are the options I used Notice I chose Invisible application, this simply means the user won’t see the script run! The working directory refers to where ever the exe is placed, for the end user place it somewhere where they have permissions to create and delete files such as “My Documents” etc otherwise once the program has run it wont be able to delete its temporary files (also specified below)!
Notice I added PsExec.exe – You must do this or batch script won’t run!
I used a logo just to make it look nicer for the end user:
Done, give it a test and let me know how you got on!!!!