Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How do i run a batch file as local admin?

Posted on 2011-03-21
22
Medium Priority
?
470 Views
Last Modified: 2012-05-11
Hello,

I need to run a batch file as local admin to change a value in Windows XP registry.
How do I do that?
Thanks
S
0
Comment
Question by:Sean
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 5
  • 4
  • +4
22 Comments
 
LVL 9

Expert Comment

by:sshah254
ID: 35185855
Right click-on command prompt and use the "Run as " option.

Then run the batch file form the DOS box.

Ss
0
 
LVL 1

Author Comment

by:Sean
ID: 35185869
No can do. The batch file will run via a log in script.
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 35185880
No can do* - You cannot automate runas to run like that and there is no other option through a logon script.

Now if you want to do this via a STARTUP script, you can put a startup script in a group policy and it should run as the system account.

Otherwise, if you tell us WHAT the batch file is supposed to do, there may be other options.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 1

Author Comment

by:Sean
ID: 35185902
The batch file is to change certain registry values. Since  my users are not a member of the local admin group so the script will not run.

0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 35185919
I think you can use a shortcut tp the batchfile at have it run as a different user. Psexec from Microsoft can also do this.
0
 
LVL 96

Accepted Solution

by:
Lee W, MVP earned 2000 total points
ID: 35185959
I guess I'll repeat:
> Now if you want to do this via a STARTUP script, you can put a startup
> script in a group policy and it should run as the system account.
0
 
LVL 23

Expert Comment

by:OP_Zaharin
ID: 35186022
-in the script u can specify: runas /user:Administrator cmd

- you might also want to check other syntax for runas:
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/runas.mspx?mfr=true

0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 35186042
> -in the script u can specify: runas /user:Administrator cmd
No, you can't - you cannot specify a password in the script.  And even if you could, that would be a REALLY unwise idea as it would be a script anyone could see!
0
 
LVL 23

Expert Comment

by:OP_Zaharin
ID: 35186060
slimlcd101, what language are you using to write the script? this is a sample of a VB script by Vic Laurie which also show a sample to supply the password:

'Written by Vic Laurie, May, 2004
'Not responsible for any problems arising from use of the script
'-------------------------------------------------------
Option explicit
dim oShell
set oShell= Wscript.CreateObject("WScript.Shell")
oShell.Run "runas /user:administrator ""PrintArt.exe"""
WScript.Sleep 100
'Replace the string yourpassword~ below with
'the password used on your system. Include tilde
oShell.Sendkeys "yourpassword~"
Wscript.Quit

0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 35186110
I'll repeat and emphasize - storing a password in a cleartext file is EXTREMELY UNWISE.
0
 
LVL 1

Author Comment

by:Sean
ID: 35186265
leew, you are correct in several points. You can not specify password wit "RunAs" command.
and yes storing the password is a bad idea, I am sure many here would agree. However as last resort and since this is only temporary I may have no choice.
Leew, cant do the start-up script because there is a lot more that needs to me in-place to be able to go that route but will certainly give it a try.

OP_Zaharin:
I am using .bat file. to run and .exe which will change registry values.
I will give your suggestion a try.

Thank you all. Much appreciated.
Sean
0
 
LVL 23

Expert Comment

by:OP_Zaharin
ID: 35186418
- I understand leew concern and I agree it is very bad to store the password in your script if it's not a compiled program.

Sean,
- if you are writing an .exe program, why not run it from "Startup" as suggested by leew? instead of running the .bat file, you execute the .exe straightaway. you can set at the "Properties" of the .exe file, under "Compatibility" tab to run as Administrator.

- however if you must run it as a .bat file, you can set the .bat file properties to run in minimize mode.  add @ECHO OFF on top of the code. and place it where normal user would not find it.

- here is an alternative to the Windows "runas" where you can supply the password. to be safe and avoid conflict with Windows "runas", I would rename to other name and put it in the same directory as the .bat file. purchase the software and it will encrypt your command line: http://www.softtreetech.com/24x7/archive/53.htm


0
 
LVL 1

Author Comment

by:Sean
ID: 35186542
OP Zaharin,
Just to make sure. I am the batch file is part of login script.  Would the above work for login scripts? I don't see why it shouldn't.

Thanks
S
0
 
LVL 23

Expert Comment

by:OP_Zaharin
ID: 35186615
Sean,
- i believe it will :)
0
 
LVL 4

Expert Comment

by:FireW0lf
ID: 35188692
Hi slimlcd101

Can I ask, why are you using a batch script? If you wish to change a registry key you can use a GPO to do this:

Computer Config / Windows Settings / Security Settings / Registry
 Add the reg key in there, apply the GPO to a group, job done - securely!
0
 
LVL 5

Expert Comment

by:xylog
ID: 35192177
If you are setting a registry key that is not part of the users profile, you can use the built in reg command:

reg add \\computername\HKLM\example\path /v your-value /d your-data /t your-type

The for command can be used to distribute this setting to a list of computers:

for /f %i in (list.txt) do reg add \\%i\HKLM\example\path /v your-value /d your-data /t your-type

0
 
LVL 1

Author Comment

by:Sean
ID: 35192801
I need to run an executable ( received from development ) to change about 10 registry values.
I don't want to have to do this manually on 30+ computers so I thought write a simple batch file that would run the executable and add the batch file to the login script no problem however, in order for the executable to run at the login the users must be a member of the local admin group.
By adding it to the login script I can choose the users that require this change.

0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 35192840
sorry, but I still don't understand why you can't do this with a group policy.  If you want to illustrate your environment better, maybe I can understand or maybe there's something you're misunderstanding.

The group policy as suggested by FireWolf or a startup script in a group policy - either should work.
0
 
LVL 1

Author Comment

by:Sean
ID: 35192987
leew,

I will certainly try the GPO route. Not too much experience with the GPO but I shall give it a try.
I will need to change the registry value not add. I guess that is also possible,
Thanks
0
 
LVL 4

Expert Comment

by:FireW0lf
ID: 35196542
Yes, if there is a reg entry already, the GPO will simply overwrite it

Open the GPMC and create a new GPO, call it "Reg Entries for Corporate app" or something meaningful
Edit the new GPO
In the left hand pane, navigate down to: Computer Config / Windows Settings / Security Settings / Registry
Add your reg entries in there (just get a list of the values from your dev team)
Close the GPO
Now, simply assign it to a meaningful AD group, and the next time the workstations do a GP Update (they do it automatically every so often) they will grab the policy and apply it

Simple as that  :-)
0
 
LVL 1

Author Comment

by:Sean
ID: 35204608
Firewolf,

sounds great.
Will give it a try.
Thanks
0
 
LVL 1

Author Closing Comment

by:Sean
ID: 35245506
Thank you.
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Log files are useful in diagnosing and repairing problems.  This is a list of common log files and their standard locations that I've compiled.   While this is not exhaustive, it is a pretty good list that I've found to be useful.  I may update it f…
When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question