I was using Matt's idea over here. The only changes I made was adding the two netstat commands at the bottom and removed cmd /k since that seemed to make the script freeze. This script is causing firefox to crash. Can I please get some ideas on how and why this is happening? How do I fix this?
How can I auto-elevate my batch file, so that it requests from UAC administrator rights if required?
:::::::::::::::::::::::::::::::::::::::::
:: Automatically check & get admin rights
:::::::::::::::::::::::::::::::::::::::::
#echo off
CLS
ECHO.
ECHO =============================
ECHO Running Admin shell
ECHO =============================
:checkPrivileges
NET FILE 1>NUL 2>NUL
if '%errorlevel%' == '0' ( goto gotPrivileges ) else ( goto getPrivileges )
:getPrivileges
if '%1'=='ELEV' (shift & goto gotPrivileges)
ECHO.
ECHO **************************************
ECHO Invoking UAC for Privilege Escalation
ECHO **************************************
setlocal DisableDelayedExpansion
set "batchPath=%~0"
setlocal EnableDelayedExpansion
ECHO Set UAC = CreateObject^("Shell.Application"^) > "%temp%\OEgetPrivileges.vbs"
ECHO UAC.ShellExecute "!batchPath!", "ELEV", "", "runas", 1 >> "%temp%\OEgetPrivileges.vbs"
"%temp%\OEgetPrivileges.vbs"
exit /B
:gotPrivileges
::::::::::::::::::::::::::::
::START
::::::::::::::::::::::::::::
setlocal & pushd .
REM Run shell as admin (example) - put here code as you like
net stop "Audiosrv"
net start "Audiosrv"
Related
I want to Run the batch script to start the Windows service if it crashes, so i configured the Recovery service to run a program for the First failure, Second Failure and subsequent Failure
i have a script working if i click Run as administrator or manually clicks, but the same script is not working(Shows Access is denied) under Run a program option in Windows Service recovery
the service is running under the Network Service account which does not have admin privilege
script-
#echo on
setlocal
CD /D "C:\ServiceBatch"
set email="GUID#domain.com"
set service=LanmanWorkstation
set output=LanmanWorkstation.txt
set Subject=LanmanWorkstation
net start %service%
sc query %service% >%output%
if errorlevel 1 (
wmailto %email% -s"%service% Started Succesfully" -t%output%
)
self elevated script as admin
:: BatchGotAdmin (Run as Admin code starts)
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
pushd "%CD%"
CD /D "%~dp0"
:: BatchGotAdmin (Run as Admin code ends)
I work in the IT department of our organization. When a remote employee leaves the company we would like our automation tool (K1000) to push a batch file command to force change the BitLocker pin and reboot the computer. I wrote a batch file to change the PIN. It goes as far in command prompt to request a new pin but I can't get the batch to actually to accept the password.
In the below example, it just stays waiting for user input, any thoughts?
I'm hoping to use this for Windows 7 and 10.
#echo off
call :isAdmin
if %errorlevel% == 0 (
goto :run
) else (
echo Requesting administrative privileges...
goto :UACPrompt
)
exit /b
:isAdmin
fsutil dirty query %systemdrive% >nul
exit /b
:run
manage-bde -changepin c:
%SendKeys% "helloworld{ENTER}"
%SendKeys% "helloworld{ENTER}"
exit /b
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "cmd.exe", "/c %~s0 %~1", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
del "%temp%\getadmin.vbs"
exit /B
I am writing an application which uses batch file to copy some files to another location. I am using 64-bit windows 7.
I have asked for admin privileges too using below code:
Code block to get ADMIN right:
#echo off
:: BatchGotAdmin (Run as Admin code starts)
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
)
else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
pushd "%CD%"
CD /D "%~dp0"
:: BatchGotAdmin (Run as Admin code ends)
:: Your codes should start from the following line
Code to copy a file to system32 folder:
copy /d /Y "D:\opt\optPath.txt" "C:\Windows\System32\"
There is no error in copy operation, but the file is copied to "C:\Windows\SysWOW64" location automatically. Need help.
Try using:
#echo off
:: Batch-Admin API
net file>nul 2>&1&&if "%~1"=="64" (goto:GotAdmin) else (if exist "%windir%\Sysnative\" (call start %windir%\Sysnative\cmd /c "%~0" 64&exit) else (goto:GotAdmin))
echo Requesting administrative privileges...
(echo Set UAC = CreateObject^("Shell.Application"^)
echo UAC.ShellExecute "%~s0", "ELEV","", "runas", 0 ) > "%temp%\admin.vbs"
cscript /Nologo "%temp%\admin.vbs"&exit
:GotAdmin
:: Place ADMIN tasks below
copy /d /Y "D:\opt\optPath.txt" "C:\Windows\System32\"
pause
exit
I modified rewrote your script to:
Use an alternative way to check for admin permissions net file && echo Admin || echo No-admin
Added 64-bit launcher VBScript launches everything as 32-bit (redirecting C:\Windows\System32 to C:\Windows\SysWOW64).
64-Bit launcher:
call start %WinDir%\SysNative\cmd /c %0 (This window is hidden)
The question is different from How can I auto-elevate my batch file, so that it requests from UAC administrator rights if required?
since there will be some problems when passing arguments to a batch file which has the code of acquiring administrative privileges.
After the privileges have been obtained, the arguments is lost and become undefined.
I solve this problem by storing the arguments to a file first, please see detail in my answer.
Say the require batch file is run_as_admin.bat,
By running run_as_admin.bat your_command your_params we can execute the command with administrative privileges (e.g. run_as_admin delete /path/to/system_file).
To run parameters as command, run_params_as_cmd.bat
%*
pause
To get administrative privileges, I find some code
from http://larrynung.github.io/2014/01/01/batch-run-as-administrator/
Then I tried the following code run_as_admin.bat:
#echo off
call:TryToRunAsAdmin
if %ERRORLEVEL%==1 exit /B
echo got administrative privileges...
:: run parameters as command <<< Here '%*' seems not be executed as a command.
%*
pause
goto :eof
:TryToRunAsAdmin
set GetAdminScriptFile="%temp%\getadmin.vbs"
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
call:UACPrompt
set ERRORLEVEL=1
) else (
if exist %GetAdminScriptFile% ( del %GetAdminScriptFile% )
set ERRORLEVEL=0
)
goto :eof
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > %GetAdminScriptFile%
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> %GetAdminScriptFile%
call %GetAdminScriptFile%
goto :eof
To test that code, I tried some command which needs admin privileges
run_as_admin.bat reg add "HKLM\SOFTWARE\Classes\.php" /v PerceivedType /d text
run_as_admin.bat %SystemRoot%\system32\drivers\etc\hosts_old.txt
but these commands seem to be not executed but ignored as a string.
I guess the problem is related to the code, is there any other ways to
write a batch file can run parameters as a command with administrative privileges?
The arguments passing to run_as_admin.bat will gone when requesting administrative privileges.
So you need to store the arguments first.
Here is the solution:
#echo off
SET commandline=%*
:: store it to file
echo %commandline% > "__temp__.bat"
:: BatchGotAdmin
:-------------------------------------
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
set params = %*:"=""
echo UAC.ShellExecute "cmd.exe", "/c %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
del "%temp%\getadmin.vbs"
exit /B
:gotAdmin
pushd "%CD%"
CD /D "%~dp0"
:--------------------------------------
:: execute command administrative privileges with and then delete the temp file
call "__temp__.bat"
del "__temp__.bat"
pause
I wrote this script to run a file remotely on another computer, however I would like to run it as an administrator user but for it to be shown on the user's computer. How do I run a script as administrator remotely but to show it on the user's profile?
#echo off
color 0a
SET /p ComputerName=ComputerName:
SET /p UserName=Please enter the username:
SET /p UserNamePassword=Please enter Username Password:
tasklist /s \\%ComputerName% /u %UserName% /p %UserNamePassword% /FI "memusage gt 200000"
SET /p Value=would you like to continue? Press 1 if yes.Press 2 to exit:
IF %Value% EQU 1 pushd \\NetworkPath & copy batfile.bat \\%ComputerName%\c$\Users\%UserName%\Desktop & popd & psexec -i -s -d \\%ComputerName% -u %UserName% -p %UserNamePassword% "C:\Users\%UserName%\Desktop\batfile.bat"
IF %Value% EQU 2 exit
You could try using the command line nircmd elevate "the path of your program.bat" to start the program. Or you could create another .bat file reading this:
nircmd elevate "the path of your program.bat"
exit
To open your main program, just open this second .bat program and it will open your main program as the administrator and then close itself out.
Nircmd is not a default windows command. You would have to download it from this website by clicking on the "Download NirCmd" button on the bottom of the webpage. Choose to save this .zip file, and when it is done, extract it. Then only copy the file "nircmd.exe" into your "system32" directory or %systemroot%. Now nircmd is part of the commands you can use in "cmd.exe".
I have nircmd on my computer, if you have trouble trusting it. It is a very useful tool to have. The above link also has a list of all of the functions and their descriptions.
You could also use this to make a batch-file run as admin:
SET ADMIN=0
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
if '%errorlevel%' NEQ '0' (GOTO askAdmin)
SET ADMIN=1
GOTO gotAdmin
:askAdmin
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
Put that at the top of your batch-file