Batch runas help


I am trying to install UltraVNC via a batch file run from my machine to all machines.
After configuring it as per:
"Semi Automatic Installation" (Sorry couldn't get a direct link)

I have successfully created this batch to add a user to the local power users group on each machine. (Who I want to use to install the program).
set MACHINES=c:\temp\machines.txt
set LOGFILE=c:\temp\logfile.txt
set ERRORLOG=c:\temp\errorlog.txt
FOR /F "eol=  tokens=1 " %%a IN (%MACHINES%) DO  AT %%a 16:30 net localgroup "Power users" <Domain>\<User> /add >%LOGFILE% 2>%ERRORLOG%

* Machines.txt contains lines like e.g. \\PC1

Now that all machines have the same Power User I can install the program with the same credentials.

So far I've manage this:
set MACHINES=c:\temp\machines.txt
set LOGFILE=c:\temp\logfile.txt
set ERRORLOG=c:\temp\errorlog.txt

FOR /F "tokens=*" %%a IN (%MACHINES%) DO AT %%a 11:44 RUNAS /u:<Domain>\<User> O:\IT\InstallUltraVNC.BAT >%LOGFILE% 2>%ERRORLOG%

Which  returns:
AT \\PC1 11:44 RUNAS /u:<Domain>\<User> O:\IT\InstallUltraVNC.BAT  1>c:\temp\logfile.txt 2>c:\temp\errorlog.txt

If I run:
AT \\PC1 11:44 RUNAS /u:<Domain>\<User> O:\IT\InstallUltraVNC.BAT
or from PC1 as a user with sufficient rights:
AT \\PC1 11:44 O:\IT\InstallUltraVNC.BAT
I get:
Added a new job with job ID = 17
I am not prompted for a password and installation doesn't start.

I have also tried goto :InstallNow to run the actual installation, but the computername is not passed on to the section.

I have found and read many resources here and elsewhere, just can't get it all to come together.

This is my second day working with batch files. A step by step explantation as to how and why, would be very much appreciated.

Who is Participating?
NostradamuzConnect With a Mentor Commented:
I've read your question somewat better..

What I alway's do:

Put vnc on a network path.
start psexec with a test hostname and commandline
then make a loop for in a batch and with a file (with the hostnames) as input.
then run!!!


Remote starting installation with your credentials or other.. see website

I dont have the time to wite it out completely but I hope it helped .. (don't use at)
The AT command runs jobs in the context of the local SYSTEM account.  RUNAS is designed so that you can't supply a password in a script.  This method isn't going to work.

You would probably be better off adapting the FastPush script from here:
DennisPostAuthor Commented:
Hi Shift-3,

Thanks for the tip. Just checked it out.
It's a bit complicated for the friday....... 8-P
I'll have a better look at it as soon as priorities and brainresources allow it.

If the AT command runs jobs in the context of local SYSTEM, why then does the program not install??
GPO also asigns msi packages as the local SYSTEM account, does it not?

I have found some examples of RUNAS with passwords using things like sanur and whoami.
But like I mentioned, I am a batch noob and need a breakdown of the how's and why's in laymans terms.
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

I've found some time ago a tool with can do a runas with username and encripted password.


Great for in scripts.
The SYSTEM account would not have access to the O: drive.
DennisPostAuthor Commented:
Link doesn't work. http error 404 File not found.

Is it possible to map the network drive as another user? i.e. the local SYSTEM account?
If not, could I copy the files to a local drive first, then run it?
A system account doen't has any rights on the network. Only on the local system.
I've checked the link and it is working.

But goto and search for lsrunase.

DennisPostAuthor Commented:
Thanks Nostradamuz,
This is not exactly what I'm wanting. Must be free and with no limit. (Small company, no IT budget. :-(    )
I'm not keen on installing trail versions on our only server.
Do you think you could offer some advice about the batch info I gave?
DennisPostAuthor Commented:
Sorry for the late reply, had to look into other things first.
I've just had a quick look at Psexec. I'll play around with it a bit and let you know.
Thanks for your input !!
DennisPostAuthor Commented:
Hi  Nostradamuz,
Well, PsExec was a great tip!! Thanks
Progress was good this morning  but on this friday afternoon.........

OK i've gotten this far.
C:\Temp>psexec \\PC1 -u <Domain>\Administrator -p Password -c C:\Temp\UltraVNC.BAT
Contents of UltraVNC.BAT:
:: Check if it is already installed.
IF EXIST "C:\Program Files\UltraVNC\repeater.exe" goto end_batch

:: Change directory.
IF EXIST "C:\Temp" goto CopyFiles
md temp

::Copy the necessary files.
cd temp
copy \\Server1\Setup$\Programs\UltraVNC\*.* C:\Temp /y
copy \\Server1\Setup$\Programs\PsExec\PsExec.exe C:\Temp /y

::Import the pre-configured registry key with the password.
psexec \\PC1 -s -i -d %windir%\regedit /s C:\Temp\vncdmp.txt  *************

::Install the program.
UltraVNC-102-Setup.exe /SInstall /verysilent /loadinf=C:\Temp\UltraVNCCnfg.inf

::Start the service
Net Start WinVNC

::Delete the temporary files.
Del /F /Q C:\Temp\UltraVNC*.*
Del /F /Q C:\Temp\vncdmp.txt
Del /F /Q C:\Temp\psexec.exe

Which returns:
PsExec v1.72 - Execute processes remotely
Copyright (C) 2001-2006 Mark Russinovich
Sysinternals -

C:\WINDOWS\system32>IF EXIST "C:\Program Files\UltraVNC\repeater.exe" goto end_batch
C:\WINDOWS\system32>IF EXIST "C:\Temp" goto CopyFiles
C:\>cd temp
C:\Temp>copy \\Server1\Setup$\Programs\UltraVNC\*.* C:\Temp /y
        5 file(s) copied.

C:\Temp>copy \\Server1\Setup$\Programs\PsExec\PsExec.exe C:\Temp /y
        1 file(s) copied.

C:\Temp>psexec \\PC1 -s -i -d C:\WINDOWS\regedit /s C:\Temp\vncdmp.txt
PsExec v1.72 - Execute processes remotely
Copyright (C) 2001-2006 Mark Russinovich
Sysinternals -

C:\WINDOWS\regedit started on PC1 with process ID 2368.

C:\Temp>UltraVNC-102-Setup.exe /SInstall /verysilent /loadinf=C:\Temp\UltraVNCCnfg.inf

C:\Temp>Net Start WinVNC
The VNC Server service was started successfully.

C:\Temp>Del /F /Q C:\Temp\UltraVNC*.*
C:\Temp>Del /F /Q C:\Temp\vncdmp.txt
C:\Temp>Del /F /Q C:\Temp\psexec.exe

UltraVNC.BAT exited on traxx14 with error code 0.

This works if I do it machine by machine altering the **** line beforehand.

But..... I can't get this to work with a loop file (For /f blah blah blah)

I think I have to use a second batch file, though I don't want to include the administrators password and don't know
if the second batch file will be run in the same security context as the original PsExec command.

Awaiting sage advice....
In the meantime a redbull and back to this puzzle.
DennisPostAuthor Commented:
Thanks Nostradamuz,

It wasn't quite the answer to my question, but having a small network, this is definitely do-able.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.