I want to Run the batch script to start the Windows service if it crashes, so i configured the Recovery service to run a program for the First failure, Second Failure and subsequent Failure
i have a script working if i click Run as administrator or manually clicks, but the same script is not working(Shows Access is denied) under Run a program option in Windows Service recovery
the service is running under the Network Service account which does not have admin privilege
script-
#echo on
setlocal
CD /D "C:\ServiceBatch"
set email="GUID#domain.com"
set service=LanmanWorkstation
set output=LanmanWorkstation.txt
set Subject=LanmanWorkstation
net start %service%
sc query %service% >%output%
if errorlevel 1 (
wmailto %email% -s"%service% Started Succesfully" -t%output%
)
self elevated script as admin
:: BatchGotAdmin (Run as Admin code starts)
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
pushd "%CD%"
CD /D "%~dp0"
:: BatchGotAdmin (Run as Admin code ends)
Related
I work in the IT department of our organization. When a remote employee leaves the company we would like our automation tool (K1000) to push a batch file command to force change the BitLocker pin and reboot the computer. I wrote a batch file to change the PIN. It goes as far in command prompt to request a new pin but I can't get the batch to actually to accept the password.
In the below example, it just stays waiting for user input, any thoughts?
I'm hoping to use this for Windows 7 and 10.
#echo off
call :isAdmin
if %errorlevel% == 0 (
goto :run
) else (
echo Requesting administrative privileges...
goto :UACPrompt
)
exit /b
:isAdmin
fsutil dirty query %systemdrive% >nul
exit /b
:run
manage-bde -changepin c:
%SendKeys% "helloworld{ENTER}"
%SendKeys% "helloworld{ENTER}"
exit /b
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "cmd.exe", "/c %~s0 %~1", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
del "%temp%\getadmin.vbs"
exit /B
I am writing an application which uses batch file to copy some files to another location. I am using 64-bit windows 7.
I have asked for admin privileges too using below code:
Code block to get ADMIN right:
#echo off
:: BatchGotAdmin (Run as Admin code starts)
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
)
else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
pushd "%CD%"
CD /D "%~dp0"
:: BatchGotAdmin (Run as Admin code ends)
:: Your codes should start from the following line
Code to copy a file to system32 folder:
copy /d /Y "D:\opt\optPath.txt" "C:\Windows\System32\"
There is no error in copy operation, but the file is copied to "C:\Windows\SysWOW64" location automatically. Need help.
Try using:
#echo off
:: Batch-Admin API
net file>nul 2>&1&&if "%~1"=="64" (goto:GotAdmin) else (if exist "%windir%\Sysnative\" (call start %windir%\Sysnative\cmd /c "%~0" 64&exit) else (goto:GotAdmin))
echo Requesting administrative privileges...
(echo Set UAC = CreateObject^("Shell.Application"^)
echo UAC.ShellExecute "%~s0", "ELEV","", "runas", 0 ) > "%temp%\admin.vbs"
cscript /Nologo "%temp%\admin.vbs"&exit
:GotAdmin
:: Place ADMIN tasks below
copy /d /Y "D:\opt\optPath.txt" "C:\Windows\System32\"
pause
exit
I modified rewrote your script to:
Use an alternative way to check for admin permissions net file && echo Admin || echo No-admin
Added 64-bit launcher VBScript launches everything as 32-bit (redirecting C:\Windows\System32 to C:\Windows\SysWOW64).
64-Bit launcher:
call start %WinDir%\SysNative\cmd /c %0 (This window is hidden)
The question is different from How can I auto-elevate my batch file, so that it requests from UAC administrator rights if required?
since there will be some problems when passing arguments to a batch file which has the code of acquiring administrative privileges.
After the privileges have been obtained, the arguments is lost and become undefined.
I solve this problem by storing the arguments to a file first, please see detail in my answer.
Say the require batch file is run_as_admin.bat,
By running run_as_admin.bat your_command your_params we can execute the command with administrative privileges (e.g. run_as_admin delete /path/to/system_file).
To run parameters as command, run_params_as_cmd.bat
%*
pause
To get administrative privileges, I find some code
from http://larrynung.github.io/2014/01/01/batch-run-as-administrator/
Then I tried the following code run_as_admin.bat:
#echo off
call:TryToRunAsAdmin
if %ERRORLEVEL%==1 exit /B
echo got administrative privileges...
:: run parameters as command <<< Here '%*' seems not be executed as a command.
%*
pause
goto :eof
:TryToRunAsAdmin
set GetAdminScriptFile="%temp%\getadmin.vbs"
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
call:UACPrompt
set ERRORLEVEL=1
) else (
if exist %GetAdminScriptFile% ( del %GetAdminScriptFile% )
set ERRORLEVEL=0
)
goto :eof
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > %GetAdminScriptFile%
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> %GetAdminScriptFile%
call %GetAdminScriptFile%
goto :eof
To test that code, I tried some command which needs admin privileges
run_as_admin.bat reg add "HKLM\SOFTWARE\Classes\.php" /v PerceivedType /d text
run_as_admin.bat %SystemRoot%\system32\drivers\etc\hosts_old.txt
but these commands seem to be not executed but ignored as a string.
I guess the problem is related to the code, is there any other ways to
write a batch file can run parameters as a command with administrative privileges?
The arguments passing to run_as_admin.bat will gone when requesting administrative privileges.
So you need to store the arguments first.
Here is the solution:
#echo off
SET commandline=%*
:: store it to file
echo %commandline% > "__temp__.bat"
:: BatchGotAdmin
:-------------------------------------
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
set params = %*:"=""
echo UAC.ShellExecute "cmd.exe", "/c %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
del "%temp%\getadmin.vbs"
exit /B
:gotAdmin
pushd "%CD%"
CD /D "%~dp0"
:--------------------------------------
:: execute command administrative privileges with and then delete the temp file
call "__temp__.bat"
del "__temp__.bat"
pause
I have a .bat file that call a third party application with some command line arguments added. Now I need this application to run as admin. I found an option to create shortcut to .bat file and then set it to run as admin, but then I am not able to pass command line arguments in this way.
I also found another option to do it as a .vbs script but I need to call this .vbs file from Run dialog and Run needs manually adding of extension for .vbs file.
What should I do in such case?
Take a look at this code:
#ECHO OFF
:: this tests if the file is running as admin
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
if '%errorlevel%' NEQ '0' (GOTO askAdmin)
GOTO gotAdmin
:askAdmin
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
::from this point you can execute your command as admin
If you put that at the top of your batch-file it gives the user a "execute as admin" prompt and restarts the current batch-file as admin
I was using Matt's idea over here. The only changes I made was adding the two netstat commands at the bottom and removed cmd /k since that seemed to make the script freeze. This script is causing firefox to crash. Can I please get some ideas on how and why this is happening? How do I fix this?
How can I auto-elevate my batch file, so that it requests from UAC administrator rights if required?
:::::::::::::::::::::::::::::::::::::::::
:: Automatically check & get admin rights
:::::::::::::::::::::::::::::::::::::::::
#echo off
CLS
ECHO.
ECHO =============================
ECHO Running Admin shell
ECHO =============================
:checkPrivileges
NET FILE 1>NUL 2>NUL
if '%errorlevel%' == '0' ( goto gotPrivileges ) else ( goto getPrivileges )
:getPrivileges
if '%1'=='ELEV' (shift & goto gotPrivileges)
ECHO.
ECHO **************************************
ECHO Invoking UAC for Privilege Escalation
ECHO **************************************
setlocal DisableDelayedExpansion
set "batchPath=%~0"
setlocal EnableDelayedExpansion
ECHO Set UAC = CreateObject^("Shell.Application"^) > "%temp%\OEgetPrivileges.vbs"
ECHO UAC.ShellExecute "!batchPath!", "ELEV", "", "runas", 1 >> "%temp%\OEgetPrivileges.vbs"
"%temp%\OEgetPrivileges.vbs"
exit /B
:gotPrivileges
::::::::::::::::::::::::::::
::START
::::::::::::::::::::::::::::
setlocal & pushd .
REM Run shell as admin (example) - put here code as you like
net stop "Audiosrv"
net start "Audiosrv"