Archive: NT Authority and Scheduler Code


NT Authority and Scheduler Code
Thanks for everyone's help when I had problems with the code for the scheduler -- I can get it to work now. One thing that confuses me, though, is I can get a scheduled task to run using AUTHORITY\System without a password if I'm creating the task with the Windows Task Scheduler GUI. If I use Authority\System as the user without password in the NSIS script, it fails to run. Me no understand. No Cabish! Is this standard behavoir? Can I make it so that the NSIS script can run with Authority\System and no password? Thanks in advance and I apologize for my lack of knowledge at this point in time.


I don't understand. Are you running a NSIS installer from a scheduled task and get nothing or are you trying to schedule task with NSIS and fail?


Kichik thanks for your reply.

I am successful running a scheduled task from the NSIS generated executable as per the code. I need to input the current user and their password for it to work -- that I believe is normal behavior. However, I would like to run it as NT Authority\System and I am unable to do so when I do this to the code:

Section "SiteSecureBackup"
push "My Task"
push "My Task Comment"
push "c:\Working Dir\My Task Program.exe"
push "c:\Working Dir"
push ""
push "*(&l2, &i2 0, &i2 2007, &i2 11, &i2 1, &i2 0, &i2 0, &i2 0, &i2 9, &i2 0, i 0, i 0, i 0, i 2, &i2 1, &i2 0x2, &i2 0, i 0, &i2 0) i.s"
push "NT Authority\System"
push ""
Call CreateTask
Pop $0
MessageBox MB_OK "CreateTask result: $0"


HOWEVER I am able to run a task with the NT Authority\System user and no password when I create the task using the Windows scheduler wizard built into Windows XP (I just input "NT Authority\System" into the "Enter the user name" box and leave password blank). So why does it work with the wizard but not the script? I would like to be able to run a task using the NSIS Script using NT Authority\System just like wizard does. Can this be done? Thank you.


You need to update the script to pass NULL instead of an empty password. In the SetAccountInformation call, replace r8 with n.


thank you, and in following part did I do it correctly? Or should those "pushes" both be blank?

Thanks

Section "SiteSecureBackup"
push "My Task"
push "My Task Comment"
push "c:\Working Dir\My Task Program.exe"
push "c:\Working Dir"
push ""
push "*(&l2, &i2 0, &i2 2007, &i2 11, &i2 1, &i2 0, &i2 0, &i2 0, &i2 9, &i2 0, i 0, i 0, i 0, i 2, &i2 1, &i2 0x2, &i2 0, i 0, &i2 0) i.s"
push "NT Authority\System"
push ""
Call CreateTask
Pop $0
MessageBox MB_OK "CreateTask result: $0"


You need to update CreateTask itself, not your code that calls CreateTask.


Yes, I replaced SetAccountInformation r8 with n higher up in the script. My question is: is that replacement higher up in the script, plus the changes I made in the code that calls CreateTask sufficient? I'm a newbie (I'm sure you can tell that by now) so I'm unclear when you say "you need to update CreateTask itself". I thought I did that.

Thank you for your expertise and help. Peace.


The section code seems fine at first look. Doesn't it work now with the CreateTask modification?


Kickik -- I'm going to have to get back later today. Office computers under trojan attacks and I must go in to repair. But I can say that yesterday when I tried it with the modifications we are speaking of, the Windows Scheduler still showed it as being created by the local user and not "NT Authority\System", but I didn't have the time to troubleshoot then. Will later.

Talk later.