sover Posted March 26, 2010 Share Posted March 26, 2010 Hi, I'm new to the forums. I'm setting up a Terminal Service server using Windows Server 2008. I would like to use the Windows command "net user [username] [password]" to create user accounts on that machine. This way I won't have to mess with Active Directory or an LDAP system. The idea is to create a web form that will allow users to create their own user accounts on this machine. I'm trying to use the PHP system() function to pass those commands into windows, but I am not able to get it to run these commands as an administrator. My means of troubleshooting have involved passing "dir > c:\itworked.txt" through PHP, where the root of c:\ is only writable to by administrators. I've gone as far as installing the Privilege Elevation Powertoys and using the "elevate" command to bypass UAC. <?php echo "Hello World"; //make sure PHP is installed. system('dir > c:\itworked.txt',$output); echo $output; ?> I've installed php as a cgi module in windows server 2008 using 'php-cgi.exe' and set that program to run as administrator. I've also configured the php module to run with script and execution privileges. Does anyone have any ideas? Any help would be greatly appreciated. Thanks, David. Quote Link to comment Share on other sites More sharing options...
jonsjava Posted March 26, 2010 Share Posted March 26, 2010 I have a batch file that runs a PHP script with $PATH set so it can see the php-cgi. I then run that batch file in an infinate loop with 5 second sleeps and have it serviced as running as administrator. If you need help/pointers, let me know. Quote Link to comment Share on other sites More sharing options...
jonsjava Posted March 26, 2010 Share Posted March 26, 2010 forgot to mention, I have a database that stores next commands to execute, and that's what the php script runs. This way, you set up a front-end, it posts data to the DB, the script kicks every so often, finds un-run scripts, and runs them. Quote Link to comment Share on other sites More sharing options...
sover Posted March 26, 2010 Author Share Posted March 26, 2010 Your solution sounds like one that could very well work for me. Though to be honest, I'm still pretty new to both PHP and programming in general. Could you explain in detail how I could emulate this system? Thanks for the speedy reply, David. Quote Link to comment Share on other sites More sharing options...
jonsjava Posted March 26, 2010 Share Posted March 26, 2010 Glad to be of service. First, create a batch file: @echo off $PATH="C:\path_to_PHP_exec\"; :loop php your_script_to_execute.php @ping -5 127.0.0.1 > nul goto loop Next, create the php file to execute the file: <?php $link = mysql_connect("localhost","some_user","some_pass"); mysql_select_db("some_db",$link); $sql = "SELECT * FROM `commands` WHERE `executed` = 0;"; $res = mysql_query($sql); while ($row = mysql_fetch_assoc($res)){ $command = $row['command']; $id = $row['id']; shell_exec($command); mysql_query("UPDATE `commands` SET `executed`=1 WHERE `id`=$id LIMIT 1;"); } ?> Now, you need a database that has a table called "commands" and it should have this schema: id (int) length 5 auto increment primary key command(varchar) length 255 not null Now, when someone wants to set up their user, just store the command that will need to be run in the database, and it will be run in the next 5 minutes. I kinda bashed this script together, because I can't post the one I use. IP and all. Company wouldn't be happy with me if I was to share trade secrets *yawn* Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.