Invoke - Add Current User to Administrators Temporarily - Windows
Log In or Register to download the BES file, and more.

0 Votes

Versioning - This is the latest version.

1Invoke - Add Current User to Administrators Temporarily - Windows8/30/2016 5:42:02 PM
2Invoke - Add Current User to Administrators Temporarily - Windows8/30/2016 7:58:32 PM
3Invoke - Add Current User to Administrators Temporarily - Windows8/31/2016 11:37:42 AM
4Invoke - Add Current User to Administrators Temporarily - Windows9/1/2016 7:37:14 AM

Description

This Fixlet can be paired with the, "Invoke - Remove Expired Users from Temporary Administrators - Windows" fixlet to temporarily grant users administrative rights to workstations.

For general information or to report issues with C3 Inventory content please visit GitHub here: https://github.com/strawgate/C3-Inventory


Property Details

ID21369
TitleInvoke - Add Current User to Administrators Temporarily - Windows
DomainBESC
SourceInternal
Source Release Date4/25/2016 12:00:00 AM
Added by on 9/1/2016 7:37:14 AM
Last Modified by on 9/1/2016 7:37:14 AM
Counters 1353 Views / 20 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 0 ratings. ** Log In or Register to add your rating.

Relevance

isWindows (Relevance 1172)
Used in 1097 fixlets and 523 analyses   * Results in a true/false
Show indented relevance
windows of operating system
Used in 22 fixlets   * Results in a true/false
Show indented relevance
exists logged on user
Used in 9 fixlets   * Results in a true/false
Show indented relevance
not exists members whose (sid of it = sid of logged on user) of local group "administrators"

Actions

Action 1 (default)

Action Link Click here to grant the current user administrative rights for 1 hour.
Script Type BigFix Action Script
wait net localgroup "administrators" "{sid of logged on user}" /add

parameter "Timestamp"="{now as string}"

regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration\{sid of logged on user}]" "Start"="{now as string}"
regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration\{sid of logged on user}]" "Expiration"="{now + (1 * hour)}"

regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration History\{parameter "Timestamp"}\{sid of logged on user}]" "Start"="{now as string}"
regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration History\{parameter "Timestamp"}\{sid of logged on user}]" "Expiration"="{now + (1 * hour)}"
Success Criteria

This action will be considered successful when all lines of the action script have completed successfully.

Action 2

Action Link Click here to grant the current user administrative rights for 8 hours.
Script Type BigFix Action Script
wait net localgroup "administrators" "{sid of logged on user}" /add

parameter "Timestamp"="{now as string}"

regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration\{sid of logged on user}]" "Start"="{now as string}"
regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration\{sid of logged on user}]" "Expiration"="{now + (8 * hour)}"

regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration History\{parameter "Timestamp"}\{sid of logged on user}]" "Start"="{now as string}"
regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration History\{parameter "Timestamp"}\{sid of logged on user}]" "Expiration"="{now + (8 * hour)}"
Success Criteria

This action will be considered successful when the applicability relevance evaluates to false.

Action 3

Action Link Click here to grant the current user administrative rights for 1 day.
Script Type BigFix Action Script
wait net localgroup "administrators" "{sid of logged on user}" /add

parameter "Timestamp"="{now as string}"

regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration\{sid of logged on user}]" "Start"="{now as string}"
regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration\{sid of logged on user}]" "Expiration"="{now + (1 * day)}"

regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration History\{parameter "Timestamp"}\{sid of logged on user}]" "Start"="{now as string}"
regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration History\{parameter "Timestamp"}\{sid of logged on user}]" "Expiration"="{now + (1 * day)}"
Success Criteria

This action will be considered successful when the applicability relevance evaluates to false.

Action 4

Action Link Click here to grant the current user administrative rights for 5 days.
Script Type BigFix Action Script
wait net localgroup "administrators" "{sid of logged on user}" /add

parameter "Timestamp"="{now as string}"

regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration\{sid of logged on user}]" "Start"="{now as string}"
regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration\{sid of logged on user}]" "Expiration"="{now + (5 * day)}"

regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration History\{parameter "Timestamp"}\{sid of logged on user}]" "Start"="{now as string}"
regset "[HKEY_LOCAL_MACHINE\Software\Admin Expiration History\{parameter "Timestamp"}\{sid of logged on user}]" "Expiration"="{now + (5 * day)}"
Success Criteria

This action will be considered successful when the applicability relevance evaluates to false.


Sharing

Social Media:
Share this page on Yammer

Comments

Log In or Register to leave comments!
kvellano -
Curious - if one wanted to audit what was done while the user had admin rights, what would be the best methodology of doing so using this fixlet?