cancel
Showing results for 
Search instead for 
Did you mean: 

Start custom Ressource as admin?

Sigi
Level 4

Hi

Ive made a custom ressource with a script. This Script trigger another script which needs Runas Admin rights.
The Cluster cannot not start the second script as admin how can i manage this? I dont want to deactivate the UAC on the Server.

Environment: Windows 2008 R2 with SFHA 5.2 Sp2

Thanks for any suggestion.

1 ACCEPTED SOLUTION

Accepted Solutions

Wally_Heim
Level 6
Employee

Hi Sigi,

 

All resource agents get started in the Local System user context the same as the HAD service.  It is not supported to start HAD with a different user account than Local System.  However, there are some agents which have Username, Domain and Password attributes so that they can run their entry points with a different user.  The process agent is one of these agents.  You might try switching your customer agent to a process agent and take advantage of this feature.

 

Otherwise, you might want to try the runas.exe command in your first script to call the second one with elevated user rights.  The only problem with this is that the username and password are passed to runas.exe in plain text format. 

 

I think there are also some other windows commands that will allow for the change of the executing user account.

 

Thanks,

Wally

View solution in original post

3 REPLIES 3

Wally_Heim
Level 6
Employee

Hi Sigi,

 

All resource agents get started in the Local System user context the same as the HAD service.  It is not supported to start HAD with a different user account than Local System.  However, there are some agents which have Username, Domain and Password attributes so that they can run their entry points with a different user.  The process agent is one of these agents.  You might try switching your customer agent to a process agent and take advantage of this feature.

 

Otherwise, you might want to try the runas.exe command in your first script to call the second one with elevated user rights.  The only problem with this is that the username and password are passed to runas.exe in plain text format. 

 

I think there are also some other windows commands that will allow for the change of the executing user account.

 

Thanks,

Wally

View solution in original post

Marianne
Moderator
Moderator
Partner    VIP    Accredited Certified

You might want to turn off UAC: http://technet.microsoft.com/en-us/library/cc709691%28WS.10%29.aspx

Sigi
Level 4

Well thanks for the suggestion, but disable UAC is not an option for us.