Run exe as admin in a user session

Questions about WAPT Packaging / Requests and help regarding Wapt packages.
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Locked
atriou
Messages: 3
Registration: February 2, 2017 - 4:38 PM

February 3, 2017 - 5:56 PM

Good morning,

I am looking to deploy the host version of TeamViewer version 12 with automatic assignment to my online account.

To do this, I deploy the MSI and the TeamViewer_Settings.reg configuration file using the WAPT tool. During deployment with the WAPT service's system account, the PC is not connected to the internet (transparent proxy based on a Windows AD account). The internet is only active on the PC when a user session is open. The TeamViewer host client then establishes a connection with the TeamViewer servers on the internet and is "customized": the license is activated, and the "AssignmentData.json" file is generated in the TeamViewer directory "C:\Program Files (x86)\TeamViewer".

The TeamViewer publisher describes a procedure for assigning a PC's TeamViewer ID to a TeamViewer online account. This requires running their "TeamViewer_Assignment.exe" utility with certain arguments.

Unfortunately, the "AssignmentData.json" file is generated with very restricted attributes, only read access for the local Administrators group on the PC.

If I run the "TeamViewer_Assignment.exe" utility in the "def install()" of the wapt package, I have no internet connection -> no "AssignmentData.json" file generated, etc.

If I run the "TeamViewer_Assignment.exe" utility in the "session_setup", an administrator account must be logged in for everything to work. This is problematic because all my users are "users".

I have no knowledge of Python programming; I'm browsing community documentation and drawing inspiration from existing package templates. I've come up with a workaround to run the "TeamViewer_Assignment.exe" utility as an administrator within a user session.

Is it possible? If so, how, or do you have another method to suggest?

Thank you.

Below are the source files for my package (the "TeamViewer_Assignment.exe" utility is located in the temp directory):

Code: Select all

from setuphelpers import *

uninstallkey = []

destdir = makepath('c:\\wapt\\temp')

def install():
    print('installing atr-teamviewer-host12')
    copytree2('temp',destdir,onreplace=default_overwrite_older)
    install_msi_if_needed('TeamViewer_Host-xxxxxxxxxx.msi',killbefore=['teamviewer.exe'])


def session_setup():
    install_exe_if_needed("%s\TeamViewer_Assignment.exe" % destdir,silentflags='-apitoken 1234567-xxxxxxxxxxxxxxxxxxxx -datafile "${ProgramFiles}\TeamViewer\AssignmentData.json"',accept_returncodes=[0,1],timeout=30)


def uninstall():
    print "Remove directory content %s" % destdir
    remove_tree(destdir)
Last edited by atriou on 09 Feb 2017 - 11:51, edited 1 time.
High
Aedenth
Messages: 15
Registration: Sep 19, 2016 - 09:26

February 6, 2017 - 9:02 AM

Good morning,

You can probably do this by creating a scheduled task via wapt that runs once at startup as admin, using schtasks.

Code: Select all

run(schtasks /create /tn <TaskName>/TR <TaskRun>/SC fois /St <HH:MM>[/sd <StartDate>] [/it] [/ru {[<Domain> \] <User>[/rp <Password>] | Système}] [/ s <Computer>[/u [<Domain> \] <User>[/p <Password>]]]
Doc Schtasks: https://technet.microsoft.com/fr-fr/lib ... #BKMK_once
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

February 6, 2017 - 11:53 PM

It might be simpler for you to authorize your workstations to connect to TeamViewer?

What type of authentication are you using? NTLM? Kerberos? Something else?
High
atriou
Messages: 3
Registration: February 2, 2017 - 4:38 PM

February 9, 2017 - 12:05

I haven't had time to test the scheduled task yet.

Our users authenticate to their workstations through a Microsoft Active Directory (functional level 2008, I believe), using Kerberos authentication.

I'm going to post a message on TeamViewer support to find out why the "AssignmentData.json" file is generated with very restricted attributes (only read access for the local Administrators group on the PC).
High
Locked

Return to “WAPT Packages”


  • To go further with WAPT