I am trying to run this code in a windows batch (.bat) file
#echo off
echo Adding New User - LogMeInRemoteUser
net user | find /i "LogMeInRemoteUser" || Net user LogMeInRemoteUser password /add /fullname:"LogMeInRemoteUser"
pause
echo Adding User to Administrators Group
NET LOCALGROUP Administrators "LogMeInRemoteUser" /ADD
pause
echo Creating Registry Keys to remove the new user from the login page
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon\SpecialAccounts\UserList" /v "LogMeInRemoteUser" /t REG_DWORD /d 0
pause
echo Finished
if i run the file normally, i get an Access Denied error so I try to run as Administrator but the cmd windows opens and instantly closes, what have i done wrong?
When you run as administrator the current directory is changed under you. To prove that (and fix it) enter these 3 lines under your #echo off
echo(%cd%
pushd %~dp0
echo(%cd%
You can remove both of the echo( statements after you see what is happening.
Related
I have a batch script in Windows7 to update the hosts file that fails.
I am logged as a user with administrative rights.
Even if I run the script with the "Run as administrator" option I get Access denied. 0 files copied when executing this part of the script:
for /f "tokens=1-2 delims=:" %%a in ('ipconfig^|find "IPv4"') do set ip=%%b
set ip=%ip:~1%
REM create changing part of hosts file...
if exist %temp%\temp.txt del %temp%\temp.txt
echo %ip% myproxy >> %temp%\temp.txt
REM check this...
set hostpath=C:\WINDOWS\system32\drivers\etc
REM add static part of hosts file
type "%hostpath%\hosts-static" >> %temp%\temp.txt
REM replace hosts file
copy /y %temp%\temp.txt "%hostpath%\hosts"
ipconfig /flushdns
netsh interface IP delete arpcache
pause
I also tried to create a shortcut and set the "Advanced -> Run as Administrator" option but no luck.
If I open a cmd shell as Administrator and then run the script from there everything works fine, but no way of running it directly double-clicking on the file (or its link).
Any idea?
EDIT:
added the whole script.
I tried creating a shortcut for the following command to execute as Administrator
C:\Windows\System32\cmd.exe /c script.bat
and it is also failing.
From the same shortcut (without arguments) I can open a window where I can execute the batch correctly. I really cannot see why.
Obviously a late response, but just solved this issue with a very straightforward solution so I thought I'd share:
Using ICACLS you can modify access control lists (ACLs) to bypass access denied errors.
Run the following command:
ICACLS C:\path\to\batch\file\directory\* /C
the parameter /C tells the batch file to bypass access denied errors. Cheers.
Try attrib -r -s -h -a "%hostpath%\hosts" before your copy command. If any file is attributed +r, +s, or +h, you'll get "Access is denied" if you try to overwrite it using copy.
I am trying to write a bat file command that will run cmd and for example, make a new user and elevate the user to administrator privileges.
Or Even Better! Write a bat command to open run (Win+R), write a command to open cmd and then type out the command, net user --- --- /add etc....
Many thanks to whoever can help, this is where I am so far:
start cmd.exe /k "net user smith admin /add" pause 0.5 /c "net user administrators smith /add"
starting run did work, but I could not use /c or /k to write a command, I tried write but I had no clue what it actually did.
Try creating batch file named AddUser.cmd with following:
#echo off
net user %1 admin /add
net user Administrators %1 /add
Then run it like this:
AddUser smith
The %1 in your batch file is replaced by the first parameter you call it with.
You can verify first parameter is provided like this:
#echo off
if "%1"=="" goto :Syntax
net user %1 admin /add
net user Administrators %1 /add
goto :End
:Syntax
echo Syntax: AddUser [userid]
goto :End
:End
i have looked around a fair bit, but cant seem to find an answer to this.
I am creating a script that is a part of the off boarding process for our company. As part of the process, it grants permssion for another user to access the exiting users profile share (working fine). The next part will map a network drive remotely (im having trouble with this. I am using PSEXEC to dispatch a bat script which maps the users drive:
#echo off
::Welcome note
echo Welcome to the User EXIT script!
:Start
:: set variable to be used throughout script for the username of the person exiting.
set /p uname="Please enter the username for exit:"
set /p cleanupu="Please enter the username for homedrive & mailbox cleanup:"
set /p computermap="Please enter the Computer to clean up the Homedrive:"
echo The username for exit is: %uname%
echo The username that is cleaning up is: %cleanupu%
echo The computer for the homedrive to be mapped to is %computermap%
set /P c=Is this correct [Y/N]?
if /I "%c%" EQU "Y" goto :init_confirm
if /I "%c%" EQU "N" goto :start
:init_confirm
::confirmation....
echo This script will exit the user: %uname%
pause
icacls "\\server\home$\%uname%" /grant DOMAIN\%cleanupu%:(OI)(CI)F
pause
echo net use z: \\server\home$\%uname%\ > map_temp.bat
psexec \\%computermap% -c -i -d map_temp.bat
pause
exit
This will copy the file to the remote computer and open up a blank command prompt window.
Can anyone see why this wont actually run map_tem.bat?
cheers
So, I am trying to create a .bat to taskkill a specific program in Win7.
I am using the command:
taskkill /f /im "LCore.exe"
The .bat needs to be run as admin in order to work it seems so I have created a shortcut to it to run automatically in admin mode as specified in another thread (How to code a BAT file to always run as admin mode?).
However, when using the Microsoft Mouse and Keyboard Center to map one of my additional keys to run the shortcut it automatically runs the target of the shortcut rather than the shortcut itself which doesn't have the admin privileges needed (when selecting to map the shortcut it automatically changes the path to the target, manually setting the path returns a 'not found' error).
So basically I was wondering if there is another way that doesn't involve creating a shortcut to automatically run a .bat with elevated privileges.
#ECHO OFF
OPENFILES>NUL 2>&1
IF "%ERRORLEVEL%"=="0" GOTO :YouAreAdmin
GOTO :GetAdmin
:GetAdmin
ECHO.Set UAC = CreateObject^("Shell.Application"^) > "StartAsAdmin.vbs"
ECHO.UAC.ShellExecute "%~fs0", "", "", "runas", 1 >> "StartAsAdmin.vbs"
StartAsAdmin.vbs
DEL "StartAsAdmin.vbs"
EXIT /B
:OK
REM Your code starts here!
ECHO.
ECHO. If you see this, you have started as admin this bat file.
PAUSE>NUL
EXIT
Sorry, but I am new! :)
So first, OPENFILES command checks if you have runned program as administrator, like any command that needs administrator privileges. If you type >NUL 2>&1 after a command, CMD will hide any message from that command and will redirect error. So if you have troubles running a simple command action like OPENFILES, the only error that you can have is that batch file doesen't have administrator privileges. And if %ErrorLevel% is 0 (you have no errors running that command), it seems that you started application as administrator, so it steps to :OK label. But if %ErrorLevel% is not 0 (there is a problem), it seems that application doesen't have administrator privileges. So it will start automatly as administrator from a temporary VBScript generated by that batch file, then is started, and then deleted.
In Windows 7 you don't need to write additional scripts, because it has built-in "PowerShell" instrument. Try the following :
powershell.exe start-process taskkill.exe -verb runas -argumentlist '/f /im "LCore.exe"'
I'm writing a command file (.cmd) to add a user to a local group. I would like to have the CMD file prompt for admin access if the call fails.
I imagine it would ne something like this:
#echo off
net localgroup administrators domain\user /add
rem The Net command doesn't prompt for privilege escalation, it just fails.
if "%errorlevel%" neq "0" RequireAdministrator "cmd.exe /c net localgroup administrators domain\user /add"
if "%errorlevel%" neq "0" echo Could not add user to administrators group
Does this make sense?
There is a well known script published by Microsoft known as elevate. It comes in the form of the Elevation PowerToys. You can down load it from here.
The two files you need are elevate.vbs and elevate.cmd. Put those in the same directory as your .cmd file, or perhaps somewhere on your system path. Then your .cmd file should just read:
elevate cmd.exe /c net localgroup administrators domain\user /add