Batch - DEL access denied

Posted on 2009-04-01
Last Modified: 2012-05-06
I'm trying to write a batch file that will replace a file on users account machines.  When I try to DEL the file from within the batch it tells me access is denied.  I'm pretty sure it is because the permissions on the file are limited to read & write for users.

A batch runs whenever a user logs on to their PC that ties into another batch over a network share that updates files / programs when necessary.  Basically, I can not go around and change the permissions of the file on all the PC's logging on as an administrator.

Is there a work around?

The code below is called by the initial batch script that runs when a user logs on.  RUNME.bat file is the file that I can't delete as a regular user; which everyone is.  RUNME.bat is not the initial batch that runs and is not in use when the batch runs to delete and replace it.
echo %username%,%date%,%time% >>\\server\share\netwrk\logon.csv
xcopy \\server\share\NETWRK\VDI\RUNME.BAT "C:\VDI" /q /y
xcopy \\server\share\NETWRK\SHOCUT\GEN\VDI_Shares.lnk "c:\DOCUME~1\%username%\desktop" /q /y
ipconfig /all >\\server\share\NETWRK\COMPLE\IPCONF\%username%.txt
echo >"\\server\share\netwrk\comple\upd002\%username%.txt"
del "\\server\share\netwrk\comple\update\%username%.txt" /q
net use z: /del /yes >nul

Open in new window

Question by:NEVAEHSIN
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
LVL 26

Expert Comment

ID: 24041843
A tool like CPAU might help:

"Basically this is a runas replacement. Also allows you to create job files and encode the id, password, and command line in a file so it can be used by normal users."

You can include this in your batch file to allow it to be run as though by an Administrator.

Expert Comment

ID: 24041876

Is this a one-off deletion of this file or is it deleted regularly.. As far as I know, most of the C: drive is not writable by restricted users. I suggest..

a) If only single user needs to access the RUNME batch file, create a folder in %USERPROFILE% - that is usually stores in C:\Documents and Settings\<Username> and is always writable by the currently logged-in user..

b) If other users need to access the file, create your folder VDI in C:\ but set it and all its child objects to be writable by Users.. Maybe you can't do that as it would require you to access each machine as an administrator..

I don't know if you can dial-into these machines, but I have a batch file called SU.BAT that requests the administrator password and gives me an explorer window logged-in as administrator from a restricted user - it's usually hidden away in the programs/accessories menu.

The batch file looks like this:

   @echo off
   runas  /env  /user:Administrator  "explorer"

If you have any other questions, let me know..


Author Comment

ID: 24042033
I don't think this will work.  The problem is that my batch is run on 100's of computers that do not have this tool on them.  Maybe the RUNAS command is what I'm looking for however I'm not familiar with the proper syntax to make the command work.

Any suggestions?
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Expert Comment

ID: 24042128
It sounds like you don't necessarily have to be administrator - if you create a folder %USERPROFILE%\VDI in your batch file and store your batch file in there, the user will definitely have all rights access to that - If I log in as Fred, then the system sets up an env. variable called USERPROFILE which has the value "\Documents and Settings\Fred"

Author Comment

ID: 24042142
my previous comment was for souseran.


The runme.bat is a batch file that will be used in the near future to migrate users and all their files to an AD for virtual desktops.  I had to revise the batch as we changed the way we're planning to perform the migration.  An administrator account will run the batch, hence why I had to put it on C:\ - also it was a (at the time) time saving action on my part.  I didn't think I'd have to change the file at the time I wrote it and put the restrictions on it on purpose so that users would not be able to delete it.

I still think the RUNAS command within DOS may work, but again I am unfamiliar with this command.  I am not overly concerned with putting an administrator password within the batch as the batch is call minimized and literally runs for less than a second and then disappears - and if worst came to worst I would convert it to an .exe and run it.

Any tips on the RUNAS statement and if it will work?

Author Comment

ID: 24042154

I understand %userprofile% and all, problem is what do I do with the file now currently sitting in the VDI file?

Accepted Solution

vertsyeux earned 250 total points
ID: 24042210
You could ignore it, unless it contains sensitive information or is called by the system.. If you have to delete a file you don't have write access to, you will either have to log in as administrator or use the SU batch file I listed earlier to get a "superuser command prompt".. Alternativly, you could create a Linux live CD that boots up and cleans-up the necessary file(s) and distribute that to all your end-users
LVL 26

Expert Comment

ID: 24042383

We may be able to accomplish running the RUNAS statement as part of a Visual Basic Script (.VBS). Let me do some more research on that for you.
LVL 26

Assisted Solution

souseran earned 250 total points
ID: 24042765
One other possibility would be to make a call to CPAU in your batch file, copy it over locally, run the necessary command, and the rest of the batch file, then have the batch file delete the CPAU program. Just a thought.

Author Closing Comment

ID: 31565430
installing CPAU on the PC's was not an option unfortunately.  I decided to spend the hours yesterday and manually remove the file from each PC :(  However, I appreciate your time and suggestions.

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Robocopy command line 6 73
network copying issue 4 71
how to copy from computer to usb drive 7 127
Digital camera and media XP and Vista - fails on Windows 7 24 172
We have adopted the strategy to use Computers in Student Labs as the bulletin boards. The same target can be achieved by using a Login Notice feature in Group policy but it’s not as attractive as graphical wallpapers with message which grabs the att…
If you have done a reformat of your hard drive and proceeded to do a successful Windows XP installation, you may notice that a choice between two operating systems when you start up the machine. Here is how to get rid of this: Click Start Clic…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit If you want to manage em…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question