Verify / Check permissions of all running Windows services - windows

I am trying to verify permissions of all services running on windows. Though verifying permissions individually is quite painful.
Is there any way of piping the result from windows command net start to icacls, to identify permissions for all services?

for %s in (*.exe) do icacls %s //Ensure this command is executed after navigating into C://Windows/System32 directory

Related

Batch administrator permission check

Good morning,
I'm trying to verify if a batch is executed with administrator permission.
I found this command to verify:
openfiles >nul 2>&1
if NOT %errorLevel% == 0
...
or net session instead of openfiles.
Everything works if I open command prompt as administrator and return an error if I use normal command prompt.
The problem appears when i try to execute two batch in a single elevated permissions command prompt;
The first batch is executed correctly, the second return permissions error.
what am i doing wrong?
It's not as compact as the method you're using, but another method I've successfully used numerous times in the past is as follows:
IF EXIST %SYSTEMROOT%\SYSTEM32\WDI\LOGFILES GOTO GOTADMIN
[Whatever commands you want to run if not running as admin]
:GOTADMIN
[Whatever commands you want to run if running as admin]
This works because, by default, Windows only allows access to the WDI directory with elevated permissions. Thus, by telling the script to look inside that directory for another directory that is supposed to exist, it can be used to detect whether it's running as admin or not. If yes, it'll see that LOGFILES exists and return True. If no, it won't be allowed access to the WDI files, therefore it won't see that LOGFILES exists and will return False.
Admittedly, this only works if the default security permissions on the WDI directory have not been changed, but from my experience it is highly unlikely these permissions would have been changed in most installations. It also requires that the LOGFILES directory inside of the WDI directory has not been deleted or renamed, but I find this highly unlikely to occur since it is an integral part of the WDI directory's purpose.
I have tested and confirmed this to work on Windows 7, 8, 8.1 and 10. I have not tested it on Vista, but I would assume it works because of how similar Vista is to 7. Obviously there's no benefit in using this method on XP since all command prompts by default are run at maximum elevation on that version of Windows.

Trying to write a batch file to open programs as an administrator

I'm trying to write a batch file that will open computer management as an administrator (on a Windows 7 64 bit system). I have done this successfully with cmd but cannot get it to work with computer management.
The command I have for cmd is:
runas /profile /env /user:username#domain cmd
After I authenticate with my pw, I'm good to go.
The commands I've tried for computer mgmt are:
runas /profile /env /user:username#domain compmgmt.msc
After I authenticate I get an error telling me "compmgmt.msc is not a valid Win32 application.
runas /profile /env /user:username#domain mmc
After I authenticate I get an error telling me "The requested operation requires elevation"
If I run the good cmd option then type in either mmc or compmgmt.msc, the program will open as admin because I'm in cmd as admin already. I'm assuming there's a way to add onto the good cmd command to autopopulate that text into cmd and run it, but I don't know what it is. I'm also open to trying other options, really I just want a tool that works. I know that I can run my batch as admin and avoid all of this but the purpose of this tool is to not have to provide my admin username.
Suggestions?
runas /user:username#domain "cmd.exe /c \"start compmgmt.msc\""
If the .msc runs correctly from cmd, start cmd under the adecuated account and, from here, start the .msc
The problem is that you cannot run an .msc plugin without calling mmc.
The correct call should be in this format:mmc.exe \location of plugin
runas /u:domain\user "mmc.exe \windows\system32\compmgmt.msc"
The start command will also work but relies on the extensions being properly entered in the registry. I usually do mmc \plugin location due to the different windows operating systems we use and the fact that usually half the plugins I want to use are not registered on the system for some reason.
better you travel to that location and then execute that file
You can write batch file which will run:
(CompMgmtLauncher.exe or CompMgmt.msc)
It'll look like
C:\Users\Admin>cd\
C:>cd Windows
C:\Windows>cd System32
C:\Windows\System32>CompMgmtLauncher.exe
C:\Windows\System32>compmgmt.msc
C:\Windows\System32>

Batch file - Remote Copy and Execute issue

I have a batch file that part of it copies a folder and its content to a local directory and then continues through the batch process which then tries to execute the contents of the folder . locally run it works on all wintel os and copies the files from \networkshare\folder*.* to %systemdrive%\temp\ .
I have attempted to use e.g psexec #serverlist.txt -c batfile.bat -s -f -d to copy the file and then execute it remotely how ever the issue is that this will not copy the files when run remotely . I think its a authentication issues after you a have remotely executed the batch file the remote system will not allow me to access/authenticate the networkshare
i have tried xcopy , copy , robocopy .
AFAIK you can only authenticate against the next hop using implicit credentials. Connection attempts from the first hop to a second hop will fail, even if your user has the required permisssions. See e.g. here for an explanation.
Try this:
psexec #serverlist.txt -u %USERDOMAIN%\%USERNAME% -d -c batfile.bat
Use explicit credentials so you're authenticated against the remote host. With that the second hop will be the next hop for your authenticated session. Don't run the script as LOCAL SYSTEM (-s), because that account is restricted to local resources.
I've had this issue in the past. Instead of trying to copy/run the BAT file just run the script things from a UNC path if you are able to. I think the problem lies in the BAT file not actually able to run through PSEXEC and copy like you think. Does it give an exit code?
Here's an example I used a while ago to install Adobe reader. I tried to do it through a batch file but no dice. I could not get it to run within the batch file whether I copied it or not. I can't remember the exact reason, I think it had something with the way a batch file is called in the system and runs in some sort of local context. Don't quote me on that though as I can't remember the exact why.
Here is my code example:
psexec /accepteula \\%computer% -s cmd /c msiexec /i "\\UNC\Software\adobe\Adobe Reader 7.0.9.msi" TRANSFORMS="acrobat7.mst" /qn

Net use works in batch file, fails in script

We are a small office with a Linux appliance server (SAMBA) and Win7HP on the desktops. We have one machine that acts as a "backup server" and backs up the server nightly.
Writing what was supposed to be a quick & dirty addition to the backup script that would loop like this:
a. net use * /d /y
b. net use u: \\ourserver\userNN /u:userNN password
c. run sync util to sync u: to this user's storage space on backup server
d. repeat
If I manually create the above in a batch file, everything works fine. (However, for many reasons the procedure must be automated and tied into our existing backup scripts.)
If a script creates the identical batch file and runs it, the first user is logged-in and syncronized, but all subsequent net use attempts fail.
Similarly, if the script attempts to map the drive through code, this message is received:
Unrecognised network error #183
The above error suggests that the network drive/path is unavailable -- but a net use command typed at the command line using identical parameters is successful.
The "backup server" is a Win7HP box with UAC disabled. When cmd prompt is launched, all windows are preceded by the word: Administrator: -- however, when the script launches a command window to net use the drive, the cmd titlebar lacks that prefix.
Any thoughts / ideas?
In order for users to execute this code properly, they will need to have the proper credentials to do so. Also to automate this task, just use Task Scheduler and it should work fine.

Can't copy files to UNC Destinations if BAT file is called via scheduled task

I have a bat file copying files from current machine to mapped network drive (one line, xcopy command).
It works when I RDP to server. However, when I run as a scheduled task, and configure it to run under the same user I'm logged in, it doesn't work and give error 0x4.
Is there a way I can achieve this?
I also try dsynchronize and it works when I click synchronized. When I run it as service same issue.
I was able to figure it out. Following batch files works under scheduler, even as local system account:
net use m: \\server\share /U:server\user password
xcopy C:\source m: /E /Y
It maps a network drive every time and then copy to that drive
It's possible to copy files to a UNC path without mapping as a network drive.
Just try to set the UNC path in quotes.
copy * "\\server\share"
Without the quotes, i got a "syntax error" running on Windows7 command line.
I had similar issue where I wanted to copy file(s) from a server to hundreds of other servers without mapping a remote drive to my local PC. I didn't have enough drive letters to map hundreds of remote machines to my local PC! I couldn't just map the remote drive and copy.
I thought I could use copy, xcopy, or robocopy, and specify my creds to the copy command. But none of the copy commands had any options to provide credentials to remote system.
Thanks to the post above, I was able to create a small batch file where I just loop through my hosts, and keep re-using just one drive mapping for all my hosts.
Here is my batch file...
echo #off
for /F %%j in (pchostslist1.txt) do (
net use z:\\%%j\c$ /user:domain\myusername mypassword
mkdir \\%%j\c$\tmp\mynewdir
xcopy c:\anyfile.txt \\%%j\c$\tmp\mynewdir
net use z: /delete
)
I had a similar issue and instead of using net use I simply needed to store the password as part of the scheduled task. You'll notice that it says it only has access to local resources if it's ticked.
Who maps the network drive? And are you using the mapped name, instead of the underlying UNC native path? Because it sounds like the mapped drive is setup in your login script, which doesn't run if you're not logged in. So, in a scheduled task, you do have the correct credentials for the UNC path, but no mapped drive letter.

Resources