rupspan
asked on
How can I copy a multiple files to a folder that needs a different username password on the local machine?
I'm running a windows XP laptop in a workgroup. The latop has 2 accounts, 1 administrator account and 1 Student account (Power User). I would like to send the student a USB stick which contains batch/script file that copies multiple files from the USB stick to a folder under the administrators account. I've tried to use the COPY command but I get "Access Denied" as the student does not have access to the administrators folder. The copy command does not allow you to pass username password.
Thanks in advance!!
Thanks in advance!!
You can use the "runas" command, which will allow you to pass both the username and password. A word of caution that the username and password will be in plain text unless you compile the entire script into an executable.
The root reason your batch file is getting the access denied error is because your student user doesn't have sufficient NTFS permissions to write to the target folder. So the problem isn't the batch file.
One way around this would be to modify the NTFS permissions for the target folder to grant the student user ONLY Write permissions to the folder. Your batch file will then be able to copy files there. Note that the student user will NOT be able to use Windows Explorer to navigate to the folder because that requires Read permissions as well. This solution doesn't require to you put the Administrator password in the clear (exposed) in any way.
If you're running Windows XP Professional on your laptop, you need to have Simple File Sharing disabled in order to change the security settings on a folder. Disable it by opening an Explorer window-->Tools menu-->Folder Options...-->View tab-->Use simple file sharing (recommended). Deselect the check box.
If you have Windows XP Home edition, editing NTFS permissions is a lot more difficult. You have to start the computer in Safe mode and logon as the Administrator. But it will work.
I've attached a screen shot showing a user given only the Write permissions to a folder.
You edit folder permissions by right-clicking the folder in Explorer, select Properties, then the Security tab. If you don't see the Security tab, re-read the few paragraphs above explaining what must be in place in order to edit NTFS permissions.
Benchguest-user--Write--permissi.jpg
One way around this would be to modify the NTFS permissions for the target folder to grant the student user ONLY Write permissions to the folder. Your batch file will then be able to copy files there. Note that the student user will NOT be able to use Windows Explorer to navigate to the folder because that requires Read permissions as well. This solution doesn't require to you put the Administrator password in the clear (exposed) in any way.
If you're running Windows XP Professional on your laptop, you need to have Simple File Sharing disabled in order to change the security settings on a folder. Disable it by opening an Explorer window-->Tools menu-->Folder Options...-->View tab-->Use simple file sharing (recommended). Deselect the check box.
If you have Windows XP Home edition, editing NTFS permissions is a lot more difficult. You have to start the computer in Safe mode and logon as the Administrator. But it will work.
I've attached a screen shot showing a user given only the Write permissions to a folder.
You edit folder permissions by right-clicking the folder in Explorer, select Properties, then the Security tab. If you don't see the Security tab, re-read the few paragraphs above explaining what must be in place in order to edit NTFS permissions.
Benchguest-user--Write--permissi.jpg
ASKER
Thanks for the proposed solution. I totally agree with you, the issue is that the student accounts does not have the right permissions. Since these laptops (50 laptops in total) are 100's of miles away is it possible to script changes to permissions? Then copy the files to a folder? I need to make this simple as possible as the students are between 6 and 12 grade.
Thanks!
Thanks!
Are the laptops in a domain or a workgroup?
ASKER
in a workgroup
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
i'm gonna test it now :) Thanks alot!
ASKER
Hey twaindriver! the command works great!! I JUST had to run it with the runas command like snowdog said. The only problem I have is that I can't seem to pass the password to the runas command using ECHO.
I am using this command and get a logon failure. If type the password in manually it works fine.
ECHO TEST | RUNAS /USER:ADMINISTRATOR "CACLS "C:\FOLDER" /E /C /G "STUDENT":W
Thanks guys!!
I am using this command and get a logon failure. If type the password in manually it works fine.
ECHO TEST | RUNAS /USER:ADMINISTRATOR "CACLS "C:\FOLDER" /E /C /G "STUDENT":W
Thanks guys!!
You have to place the domain name in front of the "administrator" name, i.e. mydomain\administrator.
ASKER
I came across this tool "lsrunas" and works great.
In the end the below command resolved my problem.
lsrunas /user:administrator /password:test /domain:Mydomain /command:"cacls "T:\Folder" /e /c /g "Student":W" /runpath:c:\
Thanks Snowdog1 and Twaindriver! They should rename your status to Genius
In the end the below command resolved my problem.
lsrunas /user:administrator /password:test /domain:Mydomain /command:"cacls "T:\Folder" /e /c /g "Student":W" /runpath:c:\
Thanks Snowdog1 and Twaindriver! They should rename your status to Genius