NSudo | A Powerful System Administration Tool

Discussion in 'MDL Projects and Applications' started by Mouri_Naruto, Feb 6, 2015.

?

These things you maybe see in the future version of NSudo. What do you think about?

Poll closed Nov 11, 2018.
  1. Publish to Chocolatey? (Suggested by wwtex.)

    8 vote(s)
    66.7%
  2. Publish to scoop? (Suggested by wwtex.)

    1 vote(s)
    8.3%
  3. Publish to Windows Store? (Desktop Bridge.)

    3 vote(s)
    25.0%
  4. Add NSudo Configuration Editor?

    9 vote(s)
    75.0%
  5. Using Qt to implement the UI? (It may increase the binary size of NSudo.)

    3 vote(s)
    25.0%
  6. Compile NSudo with CMake?

    3 vote(s)
    25.0%
Multiple votes are allowed.
  1. Mouri_Naruto

    Mouri_Naruto MDL Senior Member

    Jul 10, 2014
    251
    858
    10
    Have more ways is not a bad thing.

    I think you can read: https://forums.mydigitallife.net/threads/run-explorer-as-ti.78329/

    Mouri
     
  2. Mouri_Naruto

    Mouri_Naruto MDL Senior Member

    Jul 10, 2014
    251
    858
    10
    #342 Mouri_Naruto, Dec 27, 2018
    Last edited: Dec 27, 2018
    (OP)

    Attached Files:

  3. brennt

    brennt MDL Novice

    Oct 4, 2018
    3
    0
    0
    #343 brennt, Dec 27, 2018
    Last edited: Dec 27, 2018
    But what's the difference (if it exists)? Thanks

    BTW, What does nSudo stand for? Nippon (or Naruto) Sudo? :)
     
  4. Mouri_Naruto

    Mouri_Naruto MDL Senior Member

    Jul 10, 2014
    251
    858
    10
    Please use the NSudo and you will know.

    It may stand for "N-series Sudo" because my ID have a capital "N".

    Mouri.
     
  5. Mouri_Naruto

    Mouri_Naruto MDL Senior Member

    Jul 10, 2014
    251
    858
    10
  6. MonarchX

    MonarchX MDL Expert

    May 5, 2007
    1,405
    240
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. app_raiser

    app_raiser MDL Junior Member

    Mar 18, 2018
    67
    25
    0
    would love to help with translation (german)! it is not that much text, and indeed read once - understand - is helpful with this tool, at least most important things.

    what is the most important thing to know about nSudo for the user in your opinion? (what maybe is difficult to transport with written letters..)
     
  8. Mouri_Naruto

    Mouri_Naruto MDL Senior Member

    Jul 10, 2014
    251
    858
    10
    First, I will thank for you help.


    I think every NSudo user should follow the principle of least privilege. (With great power comes great responsibility.) NSudo not only a tool which can run an app with the LocalSystem token, even the TrustedInstaller token, it also provides features which can help you to follow the principle of least privilege better. Let me give you an example:

    Starting from NSudo 3.x or later, we can create an environment similar to Internet Explorer Protected Mode. Here is the example:
    Code:
    NSudoC -U:C -M:L cmd
    If you don't want some apps pop up the UAC window and want to keep the low privilege. You can try "D" option in "U" option. Here is the example:
    Code:
    NSudoC -U:D -M:L cmd
    In NSudo 7.x (It will release in 2019.), we also provide you run an app in the App Container, even the Low Privilege App Container.
    And provide more control about the Access Token privileges and App Container capabilties.

    If you want to translate NSudo, I think you should try to use the "whoami" command line tool built in Windows for reference.

    I hope it can help you.

    Mouri
     
  9. Thomas Dubreuil

    Thomas Dubreuil MDL Member

    Aug 29, 2017
    134
    218
    10
    Thanks for your work! sorry I think I totally forgot to make traduction for last page (but it's almost same as the main "command" page)
    I try when I get the time soon.

    Not for me...There is no "bug" anymore, it might be a problem on your system only.
    Have you used Nsudo "Installer" or typed Nsudo -install ?
    NSudo -install adds the good command now (same one as NSudo installer)

    Can you copy and post the content of this key?
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\NSudo.RunAs.TrustedInstaller.EnableAllPrivileges\command ?

    With NSudo -install command, it should be:
    "C:\Windows\NSudo.exe" -U:T -P:E -ShowWindowMode=Hide cmd /c start "NSudo.ContextMenu.Launcher" "%1"

    With NSudo installer it should be same...with your own choosen path:
    "yourownpath\Nsudo.exe" -U:T -P:E -ShowWindowMode=Hide cmd /c start "NSudo.ContextMenu.Launcher" "%1"

    Also you can try replacing cmd with "direct launch" in registry and see if works, so you could better pinpoint the problem on your machine, like this:
    ...\NSudo.exe" -U:T -P:E "%1"
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. MonarchX

    MonarchX MDL Expert

    May 5, 2007
    1,405
    240
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. Thomas Dubreuil

    Thomas Dubreuil MDL Member

    Aug 29, 2017
    134
    218
    10
    #352 Thomas Dubreuil, Jan 1, 2019
    Last edited: Jan 1, 2019
    You haven't fully replied to the question...Check your registry commandstore key and then try the 2nd setting "option"...
    One thing is wrong, either the ability to parse commands to registry or worst your cmd shell.
    There is no bug (else than your tweaking "method").

    If you want to run everything in TI, use explorerTI.
    But in fact one should run things with least privilege principle as @Mouri_Naruto pointed out. This would avoid this kind of problems.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. app_raiser

    app_raiser MDL Junior Member

    Mar 18, 2018
    67
    25
    0
    first i was a bit surprised you suggest me to use "whoami", the result was as expected. so i tried it with /?

    i was not aware that this "tool" has so much options, what says a lot.

    running it in cmd.exe as trusted installer "with" highest privilege it says "nt-authority\system" :)

    i will keep in mind what you said about privileges!

    at this time i use nsudo to run MSMG (on my pc which is not connected to internet, in a vm created for imaging) because it is needed, and just works!

    greetings!
     
  13. boyonthebus

    boyonthebus MDL Member

    Sep 16, 2018
    103
    59
    10
    MSMG already runs with NSUDO.
    Code:
    @start /b "ToolKit - TrustedInstaller" "%~dp0Bin\%Arch%\NSudo.exe" -U:T -P:E "%~dp0ToolKit.cmd"
     
  14. Mouri_Naruto

    Mouri_Naruto MDL Senior Member

    Jul 10, 2014
    251
    858
    10
    @app_raiser

    I think you should try "whoami /all". And it can help you know most of concepts mentioned in NSudo.

    TrustedInstaller's Access Token = LocalSystem's Access Token + TrustedInstaller Service Group SID
    So it's actually just a LocalSystem's Access Token, but with the TrustedInstaller Service Group SID.

    Mouri
     
  15. app_raiser

    app_raiser MDL Junior Member

    Mar 18, 2018
    67
    25
    0
    #356 app_raiser, Jan 7, 2019
    Last edited: Jan 7, 2019
    @boyonthebus : i used the "beta" toolkithelper.exe which needs the toolkit to be started with nsudo anyway to avoid certain errors!

    worked without any problems, i am very pleased with latest image i created that way. best result so far.

    @Mouri_Naruto : i will dig in this deeper because i do have a lack of knowledge of this stuff. understanding this better is essential i think. thank you!
     
  16. freddie-o

    freddie-o MDL Junior Member

    Jul 29, 2009
    62
    38
    0
    #357 freddie-o, Jan 13, 2019 at 09:42
    Last edited: Jan 13, 2019 at 11:31
    Hi @Mouri_Naruto. Have you considered the possibility of "drag & drop" and if NSudo (shortcut) is added to "Send To" directory, the program or script will auto execute as Trusted Installer?