Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Running a Batch that needs administrator privileges...

Posted on 2006-05-16
Medium Priority
Last Modified: 2012-06-27
Hello everyone,

I work in an IT department for a small company, our size is increasing, and doing things to each pc one by one takes a long time.
We implemented batch scripts to run on logon, but as all our users are not administrators, some of the code in the batch files do not execute. EG: Copying files, or executing programs such as setup programs for software.

My question is, how do I get around all this without granting our users administrator privileges?
I have searched on here, and one solution was to create a service, but in order to get the service running I would need to go to every machine to start the service.
If anyone comes up with a solution, detail would be helpful. Would like to avoid having to visit every machine though.

Any help is appreciated! Thanks.
Question by:Antonio King
LVL 43

Accepted Solution

Steve Knight earned 2000 total points
ID: 16691174
Couple of suggestions: #

1. If you have active directory use a startup script assigned to the computer's OU's rather to the users.

2. Use an AT command scheduled on each box to run the command as SYSTEM

3. Use RunAs.exe in your login script (not a good idea as password would show up in text file...)

4. Again if you have AD to install apps. create group policy entries to install the software using MSI file stored on a share which you can assign to users or computers.

5. Copy the files to each machine from your own domain admin account using a list of servers from the domain.

If any of that sounds like what you want someone here can elaborate on specific scripts.

LVL 24

Expert Comment

ID: 16713166
> , how do I get around all this without granting our users administrator privileges?

one is, the admin gets footprint on each pc, their own ID and password, and this ID is then used for the install

two is for use of scheduler, in dos of  'AT' command to start a .cmd  file to run, installing things. When the AT command runs, it has system privilege, which is more powerful than Administrator. That is one main reason I like to use scheduler. No one has to log in to get the authority, and you may not need to force users to log off.
LVL 24

Expert Comment

ID: 16713175
I think that means I like dragon-it 's #2 and #5 best.
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.


Expert Comment

ID: 16745013
low-tech solution:... write a batch file that contains means for authorization (i.e. id and password) and then compile it:


I've used this compiler with success in the past.

LVL 24

Expert Comment

by:Mohammed Hamada
ID: 16899182
From One of my previous posts..

You will probably need to make a script file that will include both, username and password so they can't see them or get prompted to type them.. See the following link please..


Or use the Runasp third party command line..

The password parameter is not supported by the runas command on XP, but this runasp does support it..

BTW: if you didn't find your answear in first link, then the command line runasp will do it..

LVL 43

Expert Comment

by:Steve Knight
ID: 17069485

Are you still there?  Did any of that help?


Author Comment

by:Antonio King
ID: 17139071
Very sorry for taking so long to get back to you,

Many thanks for all your help/
LVL 43

Expert Comment

by:Steve Knight
ID: 17142174
No problem, glad if it helped.... got me past the 50k mark in the TA too :-)


Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following is a collection of cases for strange behaviour when using advanced techniques in DOS batch files. You should have some basic experience in batch "programming", as I'm assuming some knowledge and not further explain the basics. For some…
Being a system administrator some time we require to do things remotely, one of them is installing software. Here I am going to tell you how to install software through wmic (Windows management instrument console). I am not at all saying that this i…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
With just a little bit of  SQL and VBA, many doors open to cool things like synchronize a list box to display data relevant to other information on a form.  If you have never written code or looked at an SQL statement before, no problem! ...  give i…
Suggested Courses
Course of the Month12 days, 2 hours left to enroll

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question