Jan 26

Running VBScripts with UAC Elevation


Since the introduction of User Account Control (UAC), scripts do not run with administrator privileges despite being a local administrator.  You must elevate your script to run with administrator privileges. I’ll start by showing you a simple example.  The script below will list all of the processes on the local computer as well as the WIN32_Process CommandLine property.  If you run the script on a computer with UAC without elevating it, you will only see CommandLine values for processes created by your account; if any other processes were created by another account, the CommandLine property will be NULL.


On a test machine, I was logged on as User1, opened notepad, and launched a vbscript as the local administrator account using RunAs.  I ran the script above and compared the results to task manager with the following results:

As you can see, the script successfully showed the CommandLine property for the currently logged on user

User1 Test Script Notepad Process Results

User1 Task Manager Notepad Process Results

However, the test script failed to show the CommandLine property for the wscript.exe process running as administrator:

Administrator Test Script Wscript Process Results

Administrator Task Manager Wscript Process Results

By re-running the test script with elevated privileges, the script now successfully shows the CommandLine property for the wscript process running as Administrator.

Administrator Elevated Test Script Wscript Process Results

Now that I have successfully demonstrated the need to run a script elevated on a local machine, you might be wondering what happens when you the test script on a remote machine.  If you run the script on a remote machine that you have administrator rights on, it will successfully display the CommandLine property for all users.  Now, you might be confused as to why it works remotely?  The answer is quite simple, the script is elevated by RPC.  Now that you have a good understanding of running vbscripts with UAC elevation, here are some methods on how to elevate them.


 Method 1 – Elevating Using the Command Prompt

  1. Click Start, All Programs, Click Accessories
  2. Right-click Command Prompt and click Run as administratorRun Elevated Command Prompt
  3. Click Yes
    1. CMD UAC Prompt
  4. Any script you launch using wscript.exe or cscript.exe will launch elevated

Method 2 – RunAs Script

This method uses a wrapper script to run an elevated VBScript using the runas verb with the ShellExecute method of Shell.Application.  When it launches the elevated script, click Yes


VBS UAC Prompt


Method 3 – Add ‘Run as administrator’ to the .vbs File Context Menu

The ‘Run as administrator’ option on a File Context Menu is only available on certain file types by default, and .vbs files are not one of them.  However, by doing a quick registry modification we can enable the ‘Run as administrator’ option o the file context menu.  Download and run the following registry to merge it into your registry, or you can copy the below text and save it to a .reg file:

Add Run as administrator to VBS File Context Menu


Jan 25



Jan 24

Find Email Address in Active Directory

Did you ever try to create a new email address and receive an error message that it already exists?  Or did you ever have someone ask who is using an email address?  Here are some methods to find the email address:

1 – Active Directory Users and Computers Saved Queries (Server 2003 and up)

  • In Active Directory Users and Computers, right-click the Saved Queries container and click New->Query
  • Enter a name for the query then click the Define Query button
  • Click the Find drop-down menu and click Custom Search
  • Click the Advanced tab and enter the following query (Replace jdoe@domain.com with the email you want to find)
  • Click OK

LDAP proxyAddresses Query


2 – Exchange 2010/2007 Management Shell

To find a particular email address use the following command (Replace jdoe@domain.com with the email you want to find)

To find all email addresses for a particular domain use the following command (Replace domain.com with the domain you want to find)



3 – Outlook

In Outlook, create a new message and type the email address into the to field.  Click the Check Names button or press Ctrl+K to resolve the email to the display name.  Note: this will not work if recipient is hidden from the GAL or Address List!!!

Jan 23

Identify a Windows VM Disk in vSphere

If you have ever worked with VMWare’s vSphere, I’m sure there has come a time that you needed to modify or remove Windows VM Disk.  Sure, it’s a simple enough task, but what if you have multiple disks that are the same size?  How can you correctly identify the virtual disk in vSphere?  Luckily, it is quite easy to identify a virtual disk in a Windows VM.

Identify the Bus and Target ID in the Windows VM

On your Windows VM, open Server Manager.  In Server Manager, Expand Storage and click on Disk Management.  Right Click on a Disk and click Properties (Note: Make sure you right click on the left side where it says Disk #, don’t right-click on the right side where it has the partition).

Disk Properties

On the General Tab, locate the Bus # and Target Id and record the values for each disk.

VM Bus and Target ID

Identify the Windows Disk in vSphere

In vSphere, open the properties of your virtual machine.  If you select a virtual disk, the SCSI or IDE Controller and ID is displayed under Virtual Device Node.  Using this information, you can match it to the Windows Disk.  The SCSI/IDE Controller # will match the Bus # and the SCSI/IDE ID will match the Target Id.  Ex: Bus 0, Target Id 1 in Windows matches SCSI(0:1) in vSphere.

Virtual Device Node

Jan 22



Jan 18



Jan 18



Jan 18



Jan 14

DHCP Message Class

Here is a class I wrote to generate a DHCP message.  It’s primary purpose is to send a DHCP message, which can be useful for finding DHCP servers on a network



Jan 04