How would I encrypt a password in the cmd prompt that would allow a backup to a remote server?

You can't do it with CMD, I have a vb script at work that will do it with encryption, if this is still unanswer tomorrow I will upload it for you.

if you're going to have this is a bat file, you can start it with "Echo off" and that won't show the actual command being executed but only the results

Better yet if you are running it as a scheduled task just have the task run as the desired use, the problem is that you cannot automate the runas password entry of cmd bat files.

Don't want to automate with the password entry.  As I said I want to enter the password one time encrypted in the cmd line so I do not need to run cmd bat files with the password.

MaximumIQ:

Even with echo off the unencrypted password must be sent to the remote computer, which is what I want to avoid. Thanks

Don't want to automate with the password entry.  As I said I want to enter the password one time encrypted in the cmd line so I do not need to run cmd bat files with the password.    

Even with echo off the unencrypted password must be sent to the remote computer, which is what I want to avoid

So from what I gather you want to connect to the remote PC using a password once then run a few batch files with that same login? Are the batch files that you want to run always the same?

I would need to run to one batch file through an ongoing scheduled task and another batch file through another scheduled task. Thanks

Well if you what to enter the password each time the taks is run to have nothing to be concerned about as it will not be stored anywhere. The only reason you would need to have any concern is if you were going to be storing the password in your batch to take care of the login which you don't want to do. if you have your task launch the batch as the user you could have your way with one password entry each time. For instance:

Initial Batch:

REM C:\scripts\launch.bat
@echo off
runas /user:tuser c:\scripts\yourbatch.bat
exit

-----------------------
Your Backup Batch:
REM List current maps in case something goes wrong you have a log
net use >> c:\temp\currentmaplist.txt
net use P: /D
net use P: \\192.168.1.199\share /persistent:yes
net use G: /D
net use G: \\192.168.1.198\share /persistent:yes

Select allOpen in new window

Manually entering the password each time the task is run will not work since this backup will run at times when I am not logged in.

I thought I could enter it once using   net use \\192.168.1.199 /user:tuser /persistent:yes     and then enter the password at the  password request

Then have the scheduled tasks run the batch files without having to enter the password again. Is that correct?

BTW - What is the meaning of    net use P:  /D   and  net use G: /D    ?

No that will not work, bat files cannot store passwords for runas, you will need VB.
net use P: /D will disconnect the mapped drive P, you would do this to make sure you are using the correct location. net use >> c:\temp\currentmaplist.txt will give you a list of all maps drives first in case you disconnect one by accident.

Questions - The initial batch would not run unless I was logged in and entered the password for tuser each time the bat file was run. Is that correct?
"No that will not work, bat files cannot store passwords for runas, you will need VB."  What VB code do you refer to? Thanks


Initial Batch:

REM C:\scripts\launch.bat
@echo off
runas /user:tuser c:\scripts\yourbatch.bat
exit

Thank you.  Questions

Do I enter my password into   "enter text to be encoded"      ?

Then run encrypt.vbs

Then replace  "sevvzrug4" with the encrypted Password?  

Does the administrator have to be the user?  Can it be another user that has been included in the admin group for this server?

Yes make the file encrypt.vb run it, enter the password for the user take the output from that and put it in the two spots with sevvzrug4.
No it can be any user you like, if it is a domain user be sure to use: yourdomainname\username if its local just use the local account name.

I will test this as soon as my time allows. Thanks

Not a problem, good luck let me know if you have any other issues, should do exactly what you need though.

created  encrypt.cmd file - run(2Xclick) and the cmd prompt screen flashed. Could not see the output. Is the output stored in a file? thanks

It is not a .cmd file it is .vbs

Haven't used .vbs files before.
Do you create it in notepad and save as .vbs and double click to run?

When I follow this process I get a window with the password I entered on top left and a place to type text on the bottom of the window.

Exactly, same as a bat script but much more powerful.

Ok, back to the start: why would you not want to save the account info needed to the scheduled task itself? There, it is encrypted.

I have it saved somewhere else.

How do I get the encrypted password that I need to enter into your script if I can not see it?

There are two scripts that are required:
The first is this:
Take the text from below paste into into a new txt document and save this file as "encrypt.vbs"

'---------------------------------------------------------------------------
'Author      : PNorms
'Created     : 3/30/2011
'Description : Encrypt Password
'File Name	 : encrypt.vbs
'---------------------------------------------------------------------------

set winShell = WScript.CreateObject("WScript.Shell")
	txt = inputbox("enter text to be encoded")
	msgbox encode(txt)

function encode(e)
	For i = 1 To Len(e)
		newtxt = Mid(e, i, 1)
		newtxt = Chr(Asc(newtxt)+3)
		coded = coded & newtxt
	Next
	encode = coded
End Function

Select allOpen in new window

Double click on this script and enter your desire password, the output will be your new encrypted password make a note of it for later use.

OK. I made the mistake of replacing    enter text to be encoded      with  the password and then then running it.

The second script is your launcher this is the once you will be using in your day to day activities:
Take the text from below paste into into a new txt document.
On Line 14 enter your usernamer.
On Lines 21 and 22 replace Sdvvzrug4 with your encrypted password you just generated
Save this file as "launcher.vbs"

'---------------------------------------------------------------------------
'Author      : PNorms
'Created     : 3/30/2011
'Description : Runas
'File Name	 : backup.vb
'---------------------------------------------------------------------------

'Set Reqs ------------------------------------------------------------------
option explicit
	dim winShell, txt, i, newtxt, coded
	set winShell= CreateObject("Wscript.Shell")

'Runas ---------------------------------------------------------------------
function runas ()
		winShell.run("runas /noprofile /user:administrator " & Chr(34) & "c:\temp\test.bat" & Chr(34))
		WScript.Sleep 350
		winShell.SendKeys coded & "{ENTER}"
end function

'Password Encryption ---------------------------------------------------------------------
function encpass()
	For i = 1 To Len("Sdvvzrug4")
		newtxt = Mid("Sdvvzrug4", i, 1)
		newtxt = Chr(Asc(newtxt)-3)
		coded = coded & newtxt
	Next
End Function

'Run Everything And Quit  -----------------------------------------------------------------
	encpass()
	runas()
	WScript.Sleep 500
	WScript.Quit

Select allOpen in new window

Ha ha gotcha

What's Ha Ha gotcha about?

Ran encypt.vbs -  created encrypted password -

Set up Launch.vbs   double click  it opens in notepad but doesn't run. I have attached the code with edits as a screenshot.
I also attached a screen shot of the FtoRem.cmd file it is running.

The FtoRem.cmd is copying Folder1 on Drive:F  to the Folder on the Remote Share as indicated in the file.

Any ideas why its not running?
launch.png
FtoREM.cmd.png

What's Ha Ha gotcha about?
I was reffering to:
OK. I made the mistake of replacing    enter text to be encoded      with  the password and then then running it.

------------------

This is a very simple batch again the best meathod would be to use the batch (without the /user switch as it is not a switch for xcopy so your batch will not run properly either) as a scheduled task with the task running as user ad\zman.

If you don't want to do that just use the code below.

------------------
Be sure that on line 16 c:\scripts\FtoREM.CMD.bat is the location of your BAT file

You need a space after ad\zman as the command comes after it.

You need to run the functions as well you you need:
      encpass()
      runas()
      WScript.Sleep 500
      WScript.Quit

As to why it is launching in notepad the file extention must not be .vbs it it probably .txt
Double check it by opening a folder click tools, folder options, view, uncheck "Hide extensions for known file types." you will then probably see encypt.vbs.txt change it to encypt.vbs

option explicit
	dim winShell, txt, i, newtxt, coded
	set winShell= CreateObject("Wscript.Shell")
	
function runas ()
		winShell.run("runas /noprofile /user:ad\zman " & Chr(34) & "c:\scripts\FtoREM.CMD.bat" & Chr(34))
		WScript.Sleep 350
		winShell.SendKeys coded & "{ENTER}"
end function

function encpass()
	For i = 1 To Len("$jrttw456$")
		newtxt = Mid("$jrttw456$", i, 1)
		newtxt = Chr(Asc(newtxt)-3)
		coded = coded & newtxt
	Next
End Function

encpass()
runas()
WScript.Sleep 500
WScript.Quit

Select allOpen in new window

FtoREM.cmd   is a  .cmd file not .bat    I did not think it made a difference.

I save as .cmd not .bat and then appear to run the same.

Also which of the /letters is the user switch  (without the /user switch as it is not a switch for xcopy so your batch will not run properly either)?
Should I also delete          /user:ad/zman from FtoREM.cmd?

 Thanks

yes .cmd and .bat are pretty much the same they will run xcopy the same way.

the runas commands requires that you use /user (open a command prompt and type "runas /?" - no quotes, it will give you a list of useage.
If you do the same for xcopy ("xcopy /?" - no quotes) you will get the usage, notice there is no "/user".

So yes make your .cmd file look like this for that line:

%backupcmd% "F:\backups\folder1" "\\192.123.2.199\backups\backupfolder"

In regards to your suggestion below - Do not see option to click tools (where is it?) -  but took screen shot of the launch.vbs file in the folder and indicates that this is a .vbs file. If it really is a vbs file, why is it opening instead of running when I double click on file?  Is there another way to run the code?

As to why it is launching in notepad the file extention must not be .vbs it it probably .txt
Double check it by opening a folder click tools, folder options, view, uncheck "Hide extensions for known file types." you will then probably see encypt.vbs.txt change it to encypt.vbs


Picture-6.png

Yeah that is certainly a vbs, you may have accidentally hit "always open with notepad." Right click on the file, hit open with, choose "MS Windows Based Script Host" and check off always use the selected program to open this file type.

Right click on the file, hit open with, choose program, choose "MS Windows Based Script Host" and check off always use the selected program to open this file type.

Made all suggested changes - ran code and I see the cmd screen flash and thats it.  Running as  bman not zman.

I have attached the output for    runas /?   and  xcopy /?     Does not appear to be the expected output.  Thanks
Picture-3.png
Picture-4.png

Even if I don't get this to work right now, I will still award you the points.

Thanks for you help with this.

Forget everything else above:
Just try this and forget about encryption for now and running your cmd.
Replace yourpasswordunencrypted on line 9 with your ad\zman password no encryption for now.
Save the file as backup.vbs and run it, let me know if that runs

option explicit
	dim winShell
	set winShell= CreateObject("Wscript.Shell")

'Runas ---------------------------------------------------------------------
function runas ()
		winShell.run("runas /noprofile /user:ad\zman " & Chr(34) & "xcopy /s /c /d /e /h /i /r /y f:\Backups\folder1\ \\192.123.2.199\BACKUPS\backfolder\" & Chr(34))
		WScript.Sleep 50
		winShell.SendKeys "yourpasswordunencrypted" & "{ENTER}"
end function

'Run Everything ------------------------------------------------------------
	runas()

Select allOpen in new window

OK. Will try this later today and will let you know. Thanks

Still does not work.   Something that is missing from your code which I left out of what I had sent you but did include in the code that I ran is that

there should be a   Shared$    folder in the mapping (See below).  Would this make a difference?  I gave zman write only permissions on the share. thanks

\\192.123.2.199\Shared$\Backups\backfolder

At the cmd prompt when I type     net use \\IPaddress\Shared$/user:ad\zman

I get "System Error 53 has occurred

Network Pathway can not be found"

However, I can map this shared drive in Windows Explorer. Works every time.

Any ideas?