Every week, I have to take the backup of all the project files from SVN and put into my system and remove the write permission for everyone. So that it won't be changed accidentally in local system.In the next time, I have to delete these files and make a fresh copy from SVN. I am trying to automate this. I wrote a bat file for this. The code is below
::#echo off
set folder="d:/delete_It"
set user[0]="username#My_Company_WebSite.com"
set user[1]="BLRTESLTP-username\Administrators"
set user[2]="Everyone"
set user[3]="domain\user"
set user[4]="everyone"
set user[5]="Authenticated Users"
set user[6]="NT AUTHORITY\Authenticated Users":
set user[7]="My_Company_Network\username"
set user[8]="BUILTIN\Administrators"
set user[9]="NT AUTHORITY\Authenticated Users"
set user[9]="BUILTIN\Users"
icacls %folder% /T /grant %user[2]%:(OI)F
icacls %folder% /T /grant %user[2]%:(OI)W
cd /d %folder%
rm -r -f /Q *.*
del *.* /F /Q
set svn="svn_Address"
svn checkout %svn% %folder%
icacls %folder% /T /deny %user[2]%:(OI)(CI)W
Now the problem is even though I am removing the Write permission only, I couldn't open the folder "d:\delete_It". It is showing that I am not having permission to open the folder.The screenshot is below.
I opened the command prompt with admin privileges, and ran the script. But the effects were same.Can anybody say what is wrong? And how to achieve this?
Note: I am using "Windows 10 Pro" 64-bit OS
I have a requirement where i need to delete the contents of the temp folder on number of remote windows machines.
i tried below wmic command to delete
WMIC /node:...** /user:xxxx /password:xxxx path cim_datafile WHERE "path='%Winddir%\temp*.tmp' AND Extension ='tmp'" delete**
But it throws an error saying
ERROR:
Description = The RPC server is unavailable.
Please suggest me a way to delete temp folder contents on remote machine.
Most simple way - if you're not strictly forced to use WMI, you can do that with psexec:
PsExec.exe \\<computer> cmd /c "rmdir /s /q %windir%\temp\"
or, if you're not logged into domain admin or global workstations admin account -
PsExec.exe -u <user> -p <password> \\<computer> cmd /c "rmdir /s /q %windir%\temp\"
If should not completely delete the folder since Windows keeps some files open and locked inside it, but anything not read-only or locked would be deleted, both files and folders.
Then, to do this with a list of computers, just use a cmd file like this (list.txt contains just computer names/ips, without \:
for /F %%s in (list.txt) do (
echo %%s
start "" /min PsExec.exe \\%%s cmd /c "rmdir /s /q %windir%\temp\"
)
Start command makes all psexec processes run in parallel and minimized so you don't have to wait for each computer to finish before starting another
psexec.exe is a part of sysinternals package from M. Russinovich, I'd like to leave a direct link but don't know if it's permitted or not.
I think it should be able to connect to remote pcs if you have access to file shares and remote computer management (and admin rights of course)
I am trying to run this code in a windows batch (.bat) file
#echo off
echo Adding New User - LogMeInRemoteUser
net user | find /i "LogMeInRemoteUser" || Net user LogMeInRemoteUser password /add /fullname:"LogMeInRemoteUser"
pause
echo Adding User to Administrators Group
NET LOCALGROUP Administrators "LogMeInRemoteUser" /ADD
pause
echo Creating Registry Keys to remove the new user from the login page
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon\SpecialAccounts\UserList" /v "LogMeInRemoteUser" /t REG_DWORD /d 0
pause
echo Finished
if i run the file normally, i get an Access Denied error so I try to run as Administrator but the cmd windows opens and instantly closes, what have i done wrong?
When you run as administrator the current directory is changed under you. To prove that (and fix it) enter these 3 lines under your #echo off
echo(%cd%
pushd %~dp0
echo(%cd%
You can remove both of the echo( statements after you see what is happening.
So, I am trying to create a .bat to taskkill a specific program in Win7.
I am using the command:
taskkill /f /im "LCore.exe"
The .bat needs to be run as admin in order to work it seems so I have created a shortcut to it to run automatically in admin mode as specified in another thread (How to code a BAT file to always run as admin mode?).
However, when using the Microsoft Mouse and Keyboard Center to map one of my additional keys to run the shortcut it automatically runs the target of the shortcut rather than the shortcut itself which doesn't have the admin privileges needed (when selecting to map the shortcut it automatically changes the path to the target, manually setting the path returns a 'not found' error).
So basically I was wondering if there is another way that doesn't involve creating a shortcut to automatically run a .bat with elevated privileges.
#ECHO OFF
OPENFILES>NUL 2>&1
IF "%ERRORLEVEL%"=="0" GOTO :YouAreAdmin
GOTO :GetAdmin
:GetAdmin
ECHO.Set UAC = CreateObject^("Shell.Application"^) > "StartAsAdmin.vbs"
ECHO.UAC.ShellExecute "%~fs0", "", "", "runas", 1 >> "StartAsAdmin.vbs"
StartAsAdmin.vbs
DEL "StartAsAdmin.vbs"
EXIT /B
:OK
REM Your code starts here!
ECHO.
ECHO. If you see this, you have started as admin this bat file.
PAUSE>NUL
EXIT
Sorry, but I am new! :)
So first, OPENFILES command checks if you have runned program as administrator, like any command that needs administrator privileges. If you type >NUL 2>&1 after a command, CMD will hide any message from that command and will redirect error. So if you have troubles running a simple command action like OPENFILES, the only error that you can have is that batch file doesen't have administrator privileges. And if %ErrorLevel% is 0 (you have no errors running that command), it seems that you started application as administrator, so it steps to :OK label. But if %ErrorLevel% is not 0 (there is a problem), it seems that application doesen't have administrator privileges. So it will start automatly as administrator from a temporary VBScript generated by that batch file, then is started, and then deleted.
In Windows 7 you don't need to write additional scripts, because it has built-in "PowerShell" instrument. Try the following :
powershell.exe start-process taskkill.exe -verb runas -argumentlist '/f /im "LCore.exe"'
I have this line inside my BAT file:
"Example1Server.exe"
I would like to execute this in Administrator mode. How to modify the bat code to run this as admin?
Is this correct? Do I need to put the quotes?
runas /user:Administrator invis.vbs Example1Server.exe
The other answer requires that you enter the Administrator account password. Also, running under an account in the Administrator Group is not the same as run as administrator see: UAC on Wikipedia
Windows 7 Instructions
In order to run as an Administrator, create a shortcut for the batch file.
Right click the batch file and click copy
Navigate to where you want the shortcut
Right click the background of the directory
Select Paste Shortcut
Then you can set the shortcut to run as administrator:
Right click the shortcut
Choose Properties
In the Shortcut tab, click Advanced
Select the checkbox "Run as administrator"
Click OK, OK
Now when you double click the shortcut it will prompt you for UAC confirmation and then Run as administrator (which as I said above is different than running under an account in the Administrator Group)
Check the screenshot below
Note:
When you do so to Run As Administrator, the current directory (path) will not be same as the bat file. This can cause some problems in many cases that the bat file refer to relative files beside it. For example, in my Windows 7 the cur dir will be SYSTEM32 instead of bat file location!
To workaround it, you should use
cd "%~dp0"
or better
pushd "%~dp0"
to ensure cur dir is at the same path where the bat file is.
You use runas to launch a program as a specific user:
runas /user:Administrator Example1Server.exe
Just add this to the top of your bat file:
set "params=%*"
cd /d "%~dp0" && ( if exist "%temp%\getadmin.vbs" del "%temp%\getadmin.vbs" ) && fsutil dirty query %systemdrive% 1>nul 2>nul || ( echo Set UAC = CreateObject^("Shell.Application"^) : UAC.ShellExecute "cmd.exe", "/k cd ""%~sdp0"" && %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs" && "%temp%\getadmin.vbs" && exit /B )
It will elevate to admin and also stay in the correct directory. Tested on Windows 10.
If you can use a third party utility, here is an elevate command line utility.
The source and binaries are available on GitHub.
This is the usage description:
Usage: Elevate [-?|-wait|-k] prog [args]
-? - Shows this help
-wait - Waits until prog terminates
-k - Starts the the %COMSPEC% environment variable value and
executes prog in it (CMD.EXE, 4NT.EXE, etc.)
prog - The program to execute
args - Optional command line arguments to prog
You can use nircmd.exe's elevate command
NirCmd Command Reference - elevate
elevate [Program] {Command-Line Parameters}
For Windows Vista/7/2008 only: Run a program with administrator rights. When the [Program] contains one or more space characters, you must put it in quotes.
Examples:
elevate notepad.exe
elevate notepad.exe C:\Windows\System32\Drivers\etc\HOSTS
elevate "c:\program files\my software\abc.exe"
PS: I use it on win 10 and it works
go get github.com/mattn/sudo
Then
sudo Example1Server.exe
convert your batch file into .exe with this tool: http://www.battoexeconverter.com/ then you can run it as administrator
My experimenting indicates that the runas command must include the admin user's domain (at least it does in my organization's environmental setup):
runas /user:AdminDomain\AdminUserName ExampleScript.bat
If you don’t already know the admin user's domain, run an instance of Command Prompt as the admin user, and enter the following command:
echo %userdomain%
The answers provided by both Kerrek SB and Ed Greaves will execute the target file under the admin user but, if the file is a Command script (.bat file) or VB script (.vbs file) which attempts to operate on the normal-login user’s environment (such as changing registry entries), you may not get the desired results because the environment under which the script actually runs will be that of the admin user, not the normal-login user! For example, if the file is a script that operates on the registry’s HKEY_CURRENT_USER hive, the affected “current-user” will be the admin user, not the normal-login user.
When you use the /savecred argument, it asks for the password once, and than never asks for it again. Even if you put it onto another program, it will not ask for the password. Example for your question:
runas /user:Administrator /savecred Example1Server.exe
I Tested #Sire's answer on Windows 11, and it works like a charm. It's worth mentioning that using cmd /k - as #Sire has used - will keep the Administrator CMD open after it finishes running. Using cmd /c instead will close the window when it's over with the batch file.
set "params=%*"
cd /d "%~dp0" && ( if exist "%temp%\getadmin.vbs" del "%temp%\getadmin.vbs" ) && fsutil dirty query %systemdrive% 1>nul 2>nul || ( echo Set UAC = CreateObject^("Shell.Application"^) : UAC.ShellExecute "cmd.exe", "/c cd ""%~sdp0"" && %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs" && "%temp%\getadmin.vbs" && exit /B )
I found there is possible to use powershell. The powershell will show the default Windows UAC Dialog.
powershell Start -File Example1Server.exe -Verb RunAs
For execute BAT file with admin rights, the content of the BAT file can look as this:
#echo off
if "%1"=="runas" (
cd %~dp0
echo Hello from admin mode
pause
) else (
powershell Start -File "cmd '/K %~f0 runas'" -Verb RunAs
)
where:
%1 First input argument assigned to BAT file.
%~f0 expands to full path to the executed BAT file
%~dp0 expands to full directory path from where the BAT file is executed
cmd -C <commands> Execute command in terminal and close
Use the complete physical drive\path to your Target batch file in the shortcut Properties.
This does not work in Windows 10 if you use subst drives like I tried to do at first...