I work in the IT department of our organization. When a remote employee leaves the company we would like our automation tool (K1000) to push a batch file command to force change the BitLocker pin and reboot the computer. I wrote a batch file to change the PIN. It goes as far in command prompt to request a new pin but I can't get the batch to actually to accept the password.
In the below example, it just stays waiting for user input, any thoughts?
I'm hoping to use this for Windows 7 and 10.
#echo off
call :isAdmin
if %errorlevel% == 0 (
goto :run
) else (
echo Requesting administrative privileges...
goto :UACPrompt
)
exit /b
:isAdmin
fsutil dirty query %systemdrive% >nul
exit /b
:run
manage-bde -changepin c:
%SendKeys% "helloworld{ENTER}"
%SendKeys% "helloworld{ENTER}"
exit /b
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "cmd.exe", "/c %~s0 %~1", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
del "%temp%\getadmin.vbs"
exit /B
Related
I want to Run the batch script to start the Windows service if it crashes, so i configured the Recovery service to run a program for the First failure, Second Failure and subsequent Failure
i have a script working if i click Run as administrator or manually clicks, but the same script is not working(Shows Access is denied) under Run a program option in Windows Service recovery
the service is running under the Network Service account which does not have admin privilege
script-
#echo on
setlocal
CD /D "C:\ServiceBatch"
set email="GUID#domain.com"
set service=LanmanWorkstation
set output=LanmanWorkstation.txt
set Subject=LanmanWorkstation
net start %service%
sc query %service% >%output%
if errorlevel 1 (
wmailto %email% -s"%service% Started Succesfully" -t%output%
)
self elevated script as admin
:: BatchGotAdmin (Run as Admin code starts)
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
pushd "%CD%"
CD /D "%~dp0"
:: BatchGotAdmin (Run as Admin code ends)
I am writing an application which uses batch file to copy some files to another location. I am using 64-bit windows 7.
I have asked for admin privileges too using below code:
Code block to get ADMIN right:
#echo off
:: BatchGotAdmin (Run as Admin code starts)
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
)
else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
pushd "%CD%"
CD /D "%~dp0"
:: BatchGotAdmin (Run as Admin code ends)
:: Your codes should start from the following line
Code to copy a file to system32 folder:
copy /d /Y "D:\opt\optPath.txt" "C:\Windows\System32\"
There is no error in copy operation, but the file is copied to "C:\Windows\SysWOW64" location automatically. Need help.
Try using:
#echo off
:: Batch-Admin API
net file>nul 2>&1&&if "%~1"=="64" (goto:GotAdmin) else (if exist "%windir%\Sysnative\" (call start %windir%\Sysnative\cmd /c "%~0" 64&exit) else (goto:GotAdmin))
echo Requesting administrative privileges...
(echo Set UAC = CreateObject^("Shell.Application"^)
echo UAC.ShellExecute "%~s0", "ELEV","", "runas", 0 ) > "%temp%\admin.vbs"
cscript /Nologo "%temp%\admin.vbs"&exit
:GotAdmin
:: Place ADMIN tasks below
copy /d /Y "D:\opt\optPath.txt" "C:\Windows\System32\"
pause
exit
I modified rewrote your script to:
Use an alternative way to check for admin permissions net file && echo Admin || echo No-admin
Added 64-bit launcher VBScript launches everything as 32-bit (redirecting C:\Windows\System32 to C:\Windows\SysWOW64).
64-Bit launcher:
call start %WinDir%\SysNative\cmd /c %0 (This window is hidden)
I have a .bat file that call a third party application with some command line arguments added. Now I need this application to run as admin. I found an option to create shortcut to .bat file and then set it to run as admin, but then I am not able to pass command line arguments in this way.
I also found another option to do it as a .vbs script but I need to call this .vbs file from Run dialog and Run needs manually adding of extension for .vbs file.
What should I do in such case?
Take a look at this code:
#ECHO OFF
:: this tests if the file is running as admin
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
if '%errorlevel%' NEQ '0' (GOTO askAdmin)
GOTO gotAdmin
:askAdmin
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
::from this point you can execute your command as admin
If you put that at the top of your batch-file it gives the user a "execute as admin" prompt and restarts the current batch-file as admin
I wrote this script to run a file remotely on another computer, however I would like to run it as an administrator user but for it to be shown on the user's computer. How do I run a script as administrator remotely but to show it on the user's profile?
#echo off
color 0a
SET /p ComputerName=ComputerName:
SET /p UserName=Please enter the username:
SET /p UserNamePassword=Please enter Username Password:
tasklist /s \\%ComputerName% /u %UserName% /p %UserNamePassword% /FI "memusage gt 200000"
SET /p Value=would you like to continue? Press 1 if yes.Press 2 to exit:
IF %Value% EQU 1 pushd \\NetworkPath & copy batfile.bat \\%ComputerName%\c$\Users\%UserName%\Desktop & popd & psexec -i -s -d \\%ComputerName% -u %UserName% -p %UserNamePassword% "C:\Users\%UserName%\Desktop\batfile.bat"
IF %Value% EQU 2 exit
You could try using the command line nircmd elevate "the path of your program.bat" to start the program. Or you could create another .bat file reading this:
nircmd elevate "the path of your program.bat"
exit
To open your main program, just open this second .bat program and it will open your main program as the administrator and then close itself out.
Nircmd is not a default windows command. You would have to download it from this website by clicking on the "Download NirCmd" button on the bottom of the webpage. Choose to save this .zip file, and when it is done, extract it. Then only copy the file "nircmd.exe" into your "system32" directory or %systemroot%. Now nircmd is part of the commands you can use in "cmd.exe".
I have nircmd on my computer, if you have trouble trusting it. It is a very useful tool to have. The above link also has a list of all of the functions and their descriptions.
You could also use this to make a batch-file run as admin:
SET ADMIN=0
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
if '%errorlevel%' NEQ '0' (GOTO askAdmin)
SET ADMIN=1
GOTO gotAdmin
:askAdmin
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
Put that at the top of your batch-file
I was using Matt's idea over here. The only changes I made was adding the two netstat commands at the bottom and removed cmd /k since that seemed to make the script freeze. This script is causing firefox to crash. Can I please get some ideas on how and why this is happening? How do I fix this?
How can I auto-elevate my batch file, so that it requests from UAC administrator rights if required?
:::::::::::::::::::::::::::::::::::::::::
:: Automatically check & get admin rights
:::::::::::::::::::::::::::::::::::::::::
#echo off
CLS
ECHO.
ECHO =============================
ECHO Running Admin shell
ECHO =============================
:checkPrivileges
NET FILE 1>NUL 2>NUL
if '%errorlevel%' == '0' ( goto gotPrivileges ) else ( goto getPrivileges )
:getPrivileges
if '%1'=='ELEV' (shift & goto gotPrivileges)
ECHO.
ECHO **************************************
ECHO Invoking UAC for Privilege Escalation
ECHO **************************************
setlocal DisableDelayedExpansion
set "batchPath=%~0"
setlocal EnableDelayedExpansion
ECHO Set UAC = CreateObject^("Shell.Application"^) > "%temp%\OEgetPrivileges.vbs"
ECHO UAC.ShellExecute "!batchPath!", "ELEV", "", "runas", 1 >> "%temp%\OEgetPrivileges.vbs"
"%temp%\OEgetPrivileges.vbs"
exit /B
:gotPrivileges
::::::::::::::::::::::::::::
::START
::::::::::::::::::::::::::::
setlocal & pushd .
REM Run shell as admin (example) - put here code as you like
net stop "Audiosrv"
net start "Audiosrv"