?
Solved

Batch - DEL access denied

Posted on 2009-04-01
10
Medium Priority
?
2,074 Views
Last Modified: 2012-05-06
I'm trying to write a batch file that will replace a file on users account machines.  When I try to DEL the file from within the batch it tells me access is denied.  I'm pretty sure it is because the permissions on the file are limited to read & write for users.

A batch runs whenever a user logs on to their PC that ties into another batch over a network share that updates files / programs when necessary.  Basically, I can not go around and change the permissions of the file on all the PC's logging on as an administrator.

Is there a work around?

The code below is called by the initial batch script that runs when a user logs on.  RUNME.bat file is the file that I can't delete as a regular user; which everyone is.  RUNME.bat is not the initial batch that runs and is not in use when the batch runs to delete and replace it.
@ECHO OFF
echo %username%,%date%,%time% >>\\server\share\netwrk\logon.csv
del C:\VDI\RUNME.BAT /q
xcopy \\server\share\NETWRK\VDI\RUNME.BAT "C:\VDI" /q /y
xcopy \\server\share\NETWRK\SHOCUT\GEN\VDI_Shares.lnk "c:\DOCUME~1\%username%\desktop" /q /y
ipconfig /all >\\server\share\NETWRK\COMPLE\IPCONF\%username%.txt
echo >"\\server\share\netwrk\comple\upd002\%username%.txt"
del "\\server\share\netwrk\comple\update\%username%.txt" /q
net use z: /del /yes >nul

Open in new window

0
Comment
Question by:NEVAEHSIN
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
10 Comments
 
LVL 26

Expert Comment

by:souseran
ID: 24041843
A tool like CPAU might help:

http://www.joeware.net/freetools/tools/cpau/index.htm

"Basically this is a runas replacement. Also allows you to create job files and encode the id, password, and command line in a file so it can be used by normal users."

You can include this in your batch file to allow it to be run as though by an Administrator.
0
 
LVL 6

Expert Comment

by:vertsyeux
ID: 24041876
Hi,

Is this a one-off deletion of this file or is it deleted regularly.. As far as I know, most of the C: drive is not writable by restricted users. I suggest..

a) If only single user needs to access the RUNME batch file, create a folder in %USERPROFILE% - that is usually stores in C:\Documents and Settings\<Username> and is always writable by the currently logged-in user..

b) If other users need to access the file, create your folder VDI in C:\ but set it and all its child objects to be writable by Users.. Maybe you can't do that as it would require you to access each machine as an administrator..

I don't know if you can dial-into these machines, but I have a batch file called SU.BAT that requests the administrator password and gives me an explorer window logged-in as administrator from a restricted user - it's usually hidden away in the programs/accessories menu.

The batch file looks like this:

   @echo off
   runas  /env  /user:Administrator  "explorer"

If you have any other questions, let me know..

Regards,
Gordon
0
 
LVL 1

Author Comment

by:NEVAEHSIN
ID: 24042033
I don't think this will work.  The problem is that my batch is run on 100's of computers that do not have this tool on them.  Maybe the RUNAS command is what I'm looking for however I'm not familiar with the proper syntax to make the command work.

Any suggestions?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 6

Expert Comment

by:vertsyeux
ID: 24042128
It sounds like you don't necessarily have to be administrator - if you create a folder %USERPROFILE%\VDI in your batch file and store your batch file in there, the user will definitely have all rights access to that - If I log in as Fred, then the system sets up an env. variable called USERPROFILE which has the value "\Documents and Settings\Fred"
0
 
LVL 1

Author Comment

by:NEVAEHSIN
ID: 24042142
my previous comment was for souseran.

vertsyeux:

The runme.bat is a batch file that will be used in the near future to migrate users and all their files to an AD for virtual desktops.  I had to revise the batch as we changed the way we're planning to perform the migration.  An administrator account will run the batch, hence why I had to put it on C:\ - also it was a (at the time) time saving action on my part.  I didn't think I'd have to change the file at the time I wrote it and put the restrictions on it on purpose so that users would not be able to delete it.

I still think the RUNAS command within DOS may work, but again I am unfamiliar with this command.  I am not overly concerned with putting an administrator password within the batch as the batch is call minimized and literally runs for less than a second and then disappears - and if worst came to worst I would convert it to an .exe and run it.

Any tips on the RUNAS statement and if it will work?
0
 
LVL 1

Author Comment

by:NEVAEHSIN
ID: 24042154
vertsyeux:

I understand %userprofile% and all, problem is what do I do with the file now currently sitting in the VDI file?
0
 
LVL 6

Accepted Solution

by:
vertsyeux earned 750 total points
ID: 24042210
You could ignore it, unless it contains sensitive information or is called by the system.. If you have to delete a file you don't have write access to, you will either have to log in as administrator or use the SU batch file I listed earlier to get a "superuser command prompt".. Alternativly, you could create a Linux live CD that boots up and cleans-up the necessary file(s) and distribute that to all your end-users
0
 
LVL 26

Expert Comment

by:souseran
ID: 24042383
NEVAEHSIN:

We may be able to accomplish running the RUNAS statement as part of a Visual Basic Script (.VBS). Let me do some more research on that for you.
0
 
LVL 26

Assisted Solution

by:souseran
souseran earned 750 total points
ID: 24042765
One other possibility would be to make a call to CPAU in your batch file, copy it over locally, run the necessary command, and the rest of the batch file, then have the batch file delete the CPAU program. Just a thought.
0
 
LVL 1

Author Closing Comment

by:NEVAEHSIN
ID: 31565430
installing CPAU on the PC's was not an option unfortunately.  I decided to spend the hours yesterday and manually remove the file from each PC :(  However, I appreciate your time and suggestions.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We have adopted the strategy to use Computers in Student Labs as the bulletin boards. The same target can be achieved by using a Login Notice feature in Group policy but it’s not as attractive as graphical wallpapers with message which grabs the att…
YESTERDAY YESTERDAY.BAT is inspired by a previous article I wrote entitled: TOMORROW.BAT (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/MS_DOS/A_4196-Advanced-Batch-File-Programming-TOMORROW-BAT.html). The crux of this batch f…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question