使用用户名和密码运行NSIS安装程序

时间:2014-11-26 05:57:26

标签: windows installation nsis uac

如何在NSIS脚本中集成用户ID和密码,以便运行管理模式?

我有一个简单的NSIS脚本,它将我的应用程序文件复制到程序文件中。此脚本在管理模式下工作。我必须使用管理员(管理员)和密码(CorpPass @ 2424)在几台计算机上安装它,而不提供UAC对话框。

示例脚本

# This installs two files, app.exe and logo.ico, creates a start menu shortcut, builds an uninstaller, and
# adds uninstall information to the registry for Add/Remove Programs

# To get started, put this script into a folder with the two files (app.exe, logo.ico, and license.rtf -
# You'll have to create these yourself) and run makensis on it

# If you change the names "app.exe", "logo.ico", or "license.rtf" you should do a search and replace - they
# show up in a few places.
# All the other settings can be tweaked by editing the !defines at the top of this script
!define APPNAME "TEST App Name"
!define COMPANYNAME "TEST NAME"
!define DESCRIPTION "A short description goes here"
# These three must be integers
!define VERSIONMAJOR 1
!define VERSIONMINOR 1
!define VERSIONBUILD 1
# These will be displayed by the "Click here for support information" link in "Add/Remove Programs"
# It is possible to use "mailto:" links in here to open the email client
!define HELPURL "http://..." # "Support Information" link
!define UPDATEURL "http://..." # "Product Updates" link
!define ABOUTURL "http://..." # "Publisher" link
# This is the size (in kB) of all the files copied into "Program Files"
!define INSTALLSIZE 7233

RequestExecutionLevel admin ;Require admin rights on NT6+ (When UAC is turned on)

InstallDir "$PROGRAMFILES\${COMPANYNAME}\${APPNAME}"

# rtf or txt file - remember if it is txt, it must be in the DOS text format (\r\n)
LicenseData "license.rtf"
# This will be in the installer/uninstaller's title bar
Name "${COMPANYNAME} - ${APPNAME}"
Icon "logo.ico"
outFile "sample-installer.exe"

!include LogicLib.nsh

# Just three pages - license agreement, install location, and installation
page license
page directory
Page instfiles

!macro VerifyUserIsAdmin
UserInfo::GetAccountType
pop $0
${If} $0 != "admin" ;Require admin rights on NT4+
        messageBox mb_iconstop "Administrator rights required!"
        setErrorLevel 740 ;ERROR_ELEVATION_REQUIRED
        quit
${EndIf}
!macroend

function .onInit
    setShellVarContext all
    !insertmacro VerifyUserIsAdmin
functionEnd

section "install"
    # Files for the install directory - to build the installer, these should be in the same directory as the install script (this file)
    setOutPath $INSTDIR
    # Files added here should be removed by the uninstaller (see section "uninstall")
    file "app.exe"
    file "logo.ico"
    # Add any other files for the install directory (license files, app data, etc) here

    # Uninstaller - See function un.onInit and section "uninstall" for configuration
    writeUninstaller "$INSTDIR\uninstall.exe"

    # Start Menu
    createDirectory "$SMPROGRAMS\${COMPANYNAME}"
    createShortCut "$SMPROGRAMS\${COMPANYNAME}\${APPNAME}.lnk" "$INSTDIR\app.exe" "" "$INSTDIR\logo.ico"

sectionEnd

# Uninstaller

function un.onInit
    SetShellVarContext all

    #Verify the uninstaller - last chance to back out
    MessageBox MB_OKCANCEL "Permanantly remove ${APPNAME}?" IDOK next
        Abort
    next:
    !insertmacro VerifyUserIsAdmin
functionEnd

section "uninstall"

    # Remove Start Menu launcher
    delete "$SMPROGRAMS\${COMPANYNAME}\${APPNAME}.lnk"
    # Try to remove the Start Menu folder - this will only happen if it is empty
    rmDir "$SMPROGRAMS\${COMPANYNAME}"

    # Remove files
    delete $INSTDIR\app.exe
    delete $INSTDIR\logo.ico

    # Always delete uninstaller as the last action
    delete $INSTDIR\uninstall.exe

    # Try to remove the install directory - this will only happen if it is empty
    rmDir $INSTDIR

    # Remove uninstaller information from the registry
    DeleteRegKey HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\${COMPANYNAME} ${APPNAME}"
sectionEnd

2 个答案:

答案 0 :(得分:0)

您无法绕过UAC,用户可以在安全桌面上与UAC对话框进行交互。

在Windows 2000 / XP / 2003上,您可以使用runas / CreateProcessAsUser作为不同的用户启动新进程,并且在这些系统上可以提升为管理员(在2003年,这可能不太有效,因为您可能不会&# 39; t有required privilege)。这在Vista +上是不可能的,因为UAC引入了split tokens,这意味着作为管理员组成员的用户在通过UAC对话框之前并不是真正具有完全访问权限的管理员并且"解锁&# 34;无限的令牌。

如果您只需要以特定用户身份启动新流程,那么仍然可以使用LogonUser + CreateProcessAsUser完成,但如果您的起点不是非提升的,它将不允许您绕过UAC并获得无限制的管理员令牌过程

作为系统运行的NT服务可以访问无限制令牌,但这当然意味着您必须至少提升一次UAC以便首先安装服务...

答案 1 :(得分:0)

如果您有管理员ID和密码,则可以直接验证并执行命令

VB脚本 

dim WshShell,FSO ,currDir


set WshShell = CreateObject("WScript.Shell")
set WshEnv = WshShell.Environment("Process")
WinPath = WshEnv("SystemRoot")&"\System32\runas.exe"
set FSO = CreateObject("Scripting.FileSystemObject")
currDir = FSO.GetAbsolutePathName(".")

sUser="Admin"
sPass="Password_123"&VBCRLF
sCmd= currDir &"\MySetup.exe"

if FSO.FileExists(winpath) then
'wscript.echo winpath & " " & "verified"
else
set WshShell=Nothing
set WshEnv=Nothing
set FSO=Nothing
wscript.quit
end if

rc=WshShell.Run("runas /user:" & sUser & " " & CHR(34) & sCmd & CHR(34), 2, FALSE)
Wscript.Sleep 90 
WshShell.AppActivate(WinPath) 
WshShell.SendKeys sPass

set WshShell=Nothing
set WshEnv=Nothing
set FSO=Nothing

wscript.quit
相关问题
最新问题