Map Drive in RunOnce Batch File - windows

I searched all over and haven't found this answer yet.
I have a script to set up user accounts and windows customizations for new or reimaged computers. I'm mapping drive via a RUNONCE registry entry, and I'm having trouble. This local network is a Workgroup, not a domain, all PC's running Win7Pro or Win10Pro. The office manager's PC is the local file server, and I'm attempting to map a drive to it from the other computers.
Here is the portion of the RUNONCE batch file I'm having an issue with:
:PROMPTFORPMHOSTNAME
ECHO This PC was identified during InitialSetup as a Leasing Office PC.
ECHO This PC's Host Name is %computername%.
ECHO.
SET /P PMHOSTNAME="Enter the Property Manager PC Hostname: "
:MAPDRIVE
ECHO - Map M Drive
NET USE M: /delete >nul 2>&1
NET USE M: \\%PMHOSTNAME%\Data >nul 2>&1
NET USE M: \\%PMHOSTNAME%\Data /user:%computername%\[username] [password] /persistent:yes
NET USE /persistent:yes >nul 2>&1
TIMEOUT /T 5 /NOBREAK >nul 2>&1
In my scenario, the initial script uses a local admin account to create a user account via NET USER, then places the RUNONCE in the registry. After a reboot, I enter the newly created account, and the RUNONCE runs as planned.
The issue is that the RUNONCE is being run as administrator. So when it mapped the drives, it does so under the administrator-level and not the user-level. It says that the drive has been mapped successfully, but it doesn't show up.
I'm able to replicate this by running CMD in two instances, once as admin, and once as user. When I map the drive as admin, it says it's successful and doesn't show up in Explorer. When I map the drive as user, it's successful and shows as it should.
So I need to know how to get the RUNONCE to run as the logged in user so this mapped properly. Or show what in the hell I'm doing wrong and what I'm missing that should be obvious and just isn't given my current level of frustration. :P
Thanks so much everyone! I really appreciate your help in advance. :)

Persistent network drive mappings are always registered by Windows per user account and the network drives are connected only when the user logs in and are automatically disconnected on user logs out.
There are two RunOnce registry keys as described by the Microsoft documentation page Run and RunOnce Registry Keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
On 64-bit Windows there are even two more RunOnce keys as above are for 64-bit applications and below are for 32-bit applications which does not matter for this task:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_CURRENT_USER\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
It is no good idea to use HKLM or HKCU of the administrator account on using the administrator account to register the batch file to be executed once for persistent mapping the share to drive letter M.
Better would be registering the batch file under
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
And the batch file uses reg delete for deleting itself from
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
But this works only if the user account on which the persistent drive mapping should be done once is not already created when registering the batch file in default user account registry hive.
I would be also possible not using RunOnce at all and create instead a shortcut (*.lnk) file in the directory read from registry with reg query from value Startup under registry key
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
And the batch file on execution deletes the shortcut file in the startup directory of the current user account, i.e. in directory read from registry with reg query from value Startup under registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
This approach, also working only with user account on which to execute the batch file does not already exist, is perhaps even better than running the batch file via RunOnce as the shortcut file can contain properties like window height and width suitable for this task.
By the way: The command line
NET USE M: \\%PMHOSTNAME%\Data /user:%computername%\[username] [password] /persistent:yes
is enough to create the drive mapping and enable persistent saving of all network drive connections in registry for current user account. The line above and the line below this line are counterproductive in worst case.
Please note that the option /PERSISTENT:YES changes the registry value SaveConnections under registry key HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Network\Persistent Connections to the string value yes which results in remembering from now on all network connections under registry key HKEY_CURRENT_USER\Network. The option /PERSISTENT:YES can be omitted if the registry value SaveConnections has already the string value yes on using NET USE to create the network connection and store it in Windows registry hive for current user.
For the deletion use:
%SystemRoot%\System32\net.exe USE M: /DELETE /YES 2>nul
It is better to specify in a batch file external Windows commands like NET with their fully qualified file names for a more fail-safe and faster execution because in this case the Windows command processor does not need to search for the file with name net in current directory and next in one directory after the other listed in value of environment variable PATH having a file extension listed in value of environment variable PATHEXT.

Related

WMI Getting Registry Value via Command Prompt

I need to verify if a chrome extension is installed or not installed on remote computers.
Extension id is unique value like that "234aljksdfklja3idffklsasf".
I need to search "HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings"
direction for extension id "234aljksdfklja3idffklsasf"
How to do that?
i think i will use code below but i need some help
WMIC /NameSpace:\root\default Class StdRegProv ....
Instead of WMIC, you should use the REG cmd, it's made to do this.
The HKCU is whatever the user running the command's registry key is.
Reg allows you to load and check the registry keys of any users not just the one running the command, even users who have not logged in since the last reboot.
Since this is a chrome extension you may need to check every used on the system to see if each has it enabled individually.
Alternatively there is probably an HKLM key that corresponds to the extension being installed, if all you want to know is if it's present at all so it can be removed.
Reg also allows you to query your computers through the network.
One issue you will have if you need to check every user's registry for the key is you need to know what the user's SIDs present on the systen are.
This is findable by querying HKLM, but I am on mobile and can't recall how without getting on my computer later to do this.
Alternatively you can also just load the reg hive file by looping the fire tory structure of the remote machine and loading each user.dat file through the reg command which is much simpler but then the code must execute on each remote machine through a login script or GPO script push.
Basically you can use reg in this manner on a local machine to check the reg of the user you are running as (HKCU)
(reg query "HKCU\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings" /s | FIND /I "234aljksdfklja3idffklsasf") && Echo.FOUND 234aljksdfklja3idffklsasf
Of course to run on another computer it's fairly simple to do, but HKCU will be the reg of the admin user you ran the command as with access to that other system, or you can try HKLM to see if that setting exists on the local machine key, which the following checks HKLM instead.
(reg query \\[Computer_Name_or_IP_Address]\hklm\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings /s | FIND /I "234aljksdfklja3idffklsasf") && Echo.FOUND 234aljksdfklja3idffklsasf
You could loop a set of computer names/IPs and check each using the above command inside the loop like so:
FOR %A IN (
Computer_A
192.168.12.13
192.168.12.31
Computer_C
) DO (
(
reg query \\%~A\hklm\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings /s | FIND /I "234aljksdfklja3idffklsasf"
) && Echo.%~A -- FOUND 234aljksdfklja3idffklsasf || ECHO.%~A -- Key Not Found!
)
If you need to check the actual HKCU of every used on the system then you need to load each reg hive on the system and check it, this is true if you use WMIC as well, and Reg is faster.
From the MS reg page:
reg query <KeyName> [{/v <ValueName> | /ve}] [/s] [/se <Separator>] [/f <Data>] [{/k | /d}] [/c] [/e] [/t <Type>] [/z]
i got one more solution to this situation. But only works if extension is packed. Btw this solution also doesnt solve my problem because my extension is unpacked.
Packeted extensions are stored "AppData\Local\Google\Chrome\User Data\Default\Extensions".
wmic /node:remoteip datafile where "name='C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\extensionid\1.0.4_0\manifest.json'"
if extension installed command returns manifest.json file specs.
I got the solution;
wmic /node:ipaddr /NAMESPACE:"\\root\DEFAULT" class stdregprov call GetStringValue ^&H80000001,"SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings","extensionid"
On localhost, it works but on remote computers access denied.

Trying to create a user input login in a batch file

I am trying to create a batch file that will allow a user to input a login and password when it come to mapping a network drive. This is what I have so far:
net use X: \\domain.local\SharedApps /user:domain.local\LOGIN "PASS"
- I have to run this command manually in admin CMD as i dont know how to elevate it in the script. It maps the drive in CMD admin so the rest of the batch files can run.
call X:\_NewComputers\SyncDist.bat
- Syncs files that allow the running of JoinDomain
timeout 360
- SyncDist downloading files so i placed this to prevent the bat's from overlapping
call X:\_NewComputers\JoinDomain.bat
- Joins the domain and restarts the computer to run scripts for printers and Network Drives
I have removed the user and pass from the batch. I want the user to input that information so that if a random user opens the file they don't have administration credentials.
Is it even possible to do it in a batch file or would it have to be a different language and call on the batch file itself?
I can also provide the Other batch file makeups if required they are mostly linking to their respective files elsewhere in the drive. Any help is welcome.
To elevate a batch script, check out this script, it is easy to use, just copy to the end of your file and create a batch file like the example.
To input username and password to a variable, use this:
set /p _username=Type your username:
set /p _password=Type your password:
and to use the saved variables later:
net use X: \\domain.local\SharedApps /user:domain.local\%_username% %_password%
JFYI: you do not neet to map a network drive to use it, if your credentials already have permission for it. You can simply use 'pushd':
pushd \\domain.local\SharedApps
This will create a temporary mapped drive using an available drive letter, then you can do all your work and remove the temporary drive with 'popd' command.
If you use the admin elevation script mentioned above, you might be able to map the drive with pushd, having no need to ask for username and password again.

Script to remap current network drive?

We need to disconnect and re-map a network drive on Windows 7, using a set of scripts (or an app) that runs off the same network path.
That is, I need something that loads itself into RAM before it runs, so it continues to run after the drive is disconnected.
Any ideas?
Please note that 16-bit apps are NOT supported in 64 bit systems (this explains why the Novell utility failed).
You would need a vbs file running throughout a logon session to remap drives if it's disconnected by user. Need to make this script to run when domain user logs on - e.g. Logon Script in AD or GPO. There are many ways to do it.
You could even disable "Remove Network drives" feature from Explorer GUI via GPO or Reg key (net use command still works).
Or you can tweak solution by Julius for this SO question to fit your need. But consider performance impact of the vbs - only check every n minute(s) in an infinite loop.
We do something similar. We have a batch file on the network that maps the drives a user needs. We update the batch file from time to time, and users run it from a shortcut that we've placed on their desktop:
C:\WINDOWS\system32\cmd.exe /c (#echo off&if not exist \\172.x.x.x\Login (echo Unable to access server&pause) else (md c:\TMP > NUL 2>&1 &copy \\172.x.x.x\Login\MapDrives.bat C:\TMP /y > NUL 2>&1 &call C:\TMP\MapDrives.bat&del C:\TMP\MapDrives.bat&rd c:\TMP))
You can see that it checks to see if they can access the server, and if they can, it creates a folder C:\TMP, copies the MapDrives.bat file locally, then runs it. Since it is running locally, it can remap network drives without terminating it own execution. And we can update the batch file on the server without pushing it to each user's computer.
If you don't want to create a shortcut with the long command line above, it might work to create a second batch file on the server (e.g., RunMe.bat) that users run from the server. You could place all of the code from the shortcut in the RunMe.bat and accomplish the same thing. Of course, you'd want to add one more line of code to change to the local drive (so Windows doesn't hold open a handle to the network drive). Something like this:
#echo off
C:
if not exist \\172.x.x.x\Login\MapDrives.bat (
echo Unable to access server
pause
) else (
md c:\TMP > NUL 2>&1
copy \\172.x.x.x1\Login\MapDrives.bat C:\TMP /y > NUL 2>&1
C:\TMP\MapDrives.bat
)
I kept the if not exist ... because you might place the RunMe.bat in a different location than the MapDrives.bat, so it still makes sense to verify the user can access the file. Because I didn't use call C:\TMP\MapDrives.bat, it transfers control to the local batch file and any handles to the server should be closed so the drive can be remapped. This means however, that you cannot place more commands after the C:\TMP\MapDrives.bat command.

How do I deny log on through Terminal Services (RDP) from a command line?

In Windows 2003, I can start...
Control Panel -> Administrative Tools -> Local Security Policy
Then, if I go to...
Local Policies -> User Rights Assignment -> Deny log on through Terminal Services
... it lets me deny RDP access to a certain user account (even if that account is an admin).
How can I do the same thing from the command line, so I can automate it?
You should be able to use the reg command to modify the registry key that corresponds to this group policy setting.
To disable, try this from a batch file:
reg ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server"
/v fDenyTSConnections
/t REG_DWORD
/d 1
/f
I've wrapped the switches onto multiple lines for readability, make sure to put all that on one line in your batch file. I don't have access to a Windows 2003 server to confirm those two settings are one in the same but I believe they are. You could use Process Monitor to watch which registry key changes when you change that GP setting to sniff out which one it is in the event that I have the wrong key.
It appears you can also change this using the NTRights Utility and the SeDenyRemoteInteractiveLogonRight right. The syntax for that would be:
NTRights.exe -u user +r SeDenyRemoteInteractiveLogonRight

Can't copy files to UNC Destinations if BAT file is called via scheduled task

I have a bat file copying files from current machine to mapped network drive (one line, xcopy command).
It works when I RDP to server. However, when I run as a scheduled task, and configure it to run under the same user I'm logged in, it doesn't work and give error 0x4.
Is there a way I can achieve this?
I also try dsynchronize and it works when I click synchronized. When I run it as service same issue.
I was able to figure it out. Following batch files works under scheduler, even as local system account:
net use m: \\server\share /U:server\user password
xcopy C:\source m: /E /Y
It maps a network drive every time and then copy to that drive
It's possible to copy files to a UNC path without mapping as a network drive.
Just try to set the UNC path in quotes.
copy * "\\server\share"
Without the quotes, i got a "syntax error" running on Windows7 command line.
I had similar issue where I wanted to copy file(s) from a server to hundreds of other servers without mapping a remote drive to my local PC. I didn't have enough drive letters to map hundreds of remote machines to my local PC! I couldn't just map the remote drive and copy.
I thought I could use copy, xcopy, or robocopy, and specify my creds to the copy command. But none of the copy commands had any options to provide credentials to remote system.
Thanks to the post above, I was able to create a small batch file where I just loop through my hosts, and keep re-using just one drive mapping for all my hosts.
Here is my batch file...
echo #off
for /F %%j in (pchostslist1.txt) do (
net use z:\\%%j\c$ /user:domain\myusername mypassword
mkdir \\%%j\c$\tmp\mynewdir
xcopy c:\anyfile.txt \\%%j\c$\tmp\mynewdir
net use z: /delete
)
I had a similar issue and instead of using net use I simply needed to store the password as part of the scheduled task. You'll notice that it says it only has access to local resources if it's ticked.
Who maps the network drive? And are you using the mapped name, instead of the underlying UNC native path? Because it sounds like the mapped drive is setup in your login script, which doesn't run if you're not logged in. So, in a scheduled task, you do have the correct credentials for the UNC path, but no mapped drive letter.

Resources