/build/static/layout/Breadcrumb_cap_w.png

Scripting Question


Running a process as a different user.

01/29/2020 145 views

When digging within Kace I stumbled upon something that I cannot reliably re-create and was wondering if someone can give some insight on this.

We have users with specific security software installed which limits the remote screen sharing of TeamViewer and other apps.  These users needed software updated every 3 months and it required a person go to their remote locations in person, run an "Update.exe" as a privileged user and click next 5 times.  When playing around I found that if I run an installer through Kace using my privileged domain credentials it would send me a Kace notification that i have a "message available to see, please click here" or something like that.  When you click it, it would open up what seems to be a desktop with the installer prompting for me to click next.  I got this working on my computer a couple times, but nothing reliable, and this would NEVER work for the users(I did have a profile on their computer created already).  Does anyone know what process did that?  Is there a way to get this reliably working? Thanks in advance.

0 Comments   [ + ] Show comments

Comments


All Answers

0

Why not simply capture the process to an MSI - if the updater doesn't already extract and execute an MSI - and deploy that?

Answered 01/30/2020 by: VBScab
Red Belt

  • the updater isn't a installer, the updater is something that reaches out to the server, downloads packages, then runs what it downloads. The full install of the new version is a lot bigger than what it downloads as the update. When the updater runs, it does require user interaction and the user running it needs access to a protected network share so the running as the System User wouldn't work.

    Edit: The post was more asking about this feature, what it is called, and how to make it work reliably. Not really a work around for a one off situation. If this is something that can be leveraged into other situations then we will use it in the future.
0

If you are using the user portal you could advertise the script or managed install as a download. I'm not sure if you can configure those to run under specific credentials or not (we don't use self service in our environment).

I would also recommend implementing a remote support tool to avoid the sneaker net scenarios that can't be automated. We use Microsoft Teams and it works very well for remote support.

Answered 01/30/2020 by: chucksteel
Red Belt

  • This is a Federal Reserve requirement. It does a whole bunch of stupid things to the users computer. We can remote in to their screen, but EVERYTHING is whited out with a "protected by blah blah software" obviously I forgot the name of the software but it does that. it also remaps keys and encrypts typing which fails frequently so the user will be typing normally then all of a sudden "hgyw s82tc 3n7v gna2". Still, the question was about a functionality within Kace that has been seen running in the past, not a work around. Thanks for the insight though

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ