Solved

scripting batch file to open folder then launch PGP script

Posted on 2013-12-19
9
1,164 Views
Last Modified: 2014-01-06
Hey all,
I'm attempting to run a batch file that does two things:

1. First opens cmd in a peticular folder;
      %comspec% /k cd "C:\Program Files (x86)\PGP Corporation\PGP Desktop\"

2. Run a Symantec PGP encryption script. (which has to run in cmd in the folder mentioned above.
    pgpwde --add-user --disk 0 -- passphrase  --passphrase UserPassword --username newadmin --admin-passphrase AdminPassword!"

The pgp script basically adds a new admin account to the pgp desktop software which I need to do on every laptop in the company. This script i'm working on will be initiated via group policy.

The problem i'm coming across is that I can't quite get the hand off from the first part to the second part down. they each work individually, but I can't seem to get the handoff right after the directory change to launching of the pgp script.

If anyone can help out i'd greatly appreciate it. my scripting is a little weak.
0
Comment
Question by:-JT
9 Comments
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 250 total points
ID: 39731875
I am assuming you really want the new shell to terminate after it completes the second task (/c rather than /k) so you are probably looking at:

%comspec% /c "cd ""C:\Program Files (x86)\PGP Corporation\PGP Desktop\"" && pgpwde --add-user --disk 0 -- passphrase  --passphrase UserPassword --username newadmin --admin-passphrase AdminPassword!"

using the conditional continuation operator (&&) which executes the second command if and only if the first completes successfully.

Is this what you were after?
0
 
LVL 15

Accepted Solution

by:
Giovanni Heward earned 250 total points
ID: 39732235
A typical approach would be to simply call a batch script, which completes the desired actions.

For example (call script):
%comspec% /c \\server.domain.local\share\path\script.bat

[script.bat]
@echo off
if exist "%ProgramFiles(x86)%\PGP Corporation\PGP Desktop" (
   cd /d "%ProgramFiles(x86)%\PGP Corporation\PGP Desktop"
   pgpwde --add-user --disk 0 -- passphrase  --passphrase UserPassword --username newadmin --admin-passphrase AdminPassword!
   goto :eof
) else (
   echo "%ProgramFiles(x86)%\PGP Corporation\PGP Desktop" not found
)>>\\server.domain.local\share\path\%COMPUTERNAME%_%USERNAME%.log 2>&1

Open in new window


If you are actually using a quotation char in the password, you may need to escape it using a caret ^.
0
 

Author Comment

by:-JT
ID: 39733079
Thanks for the help guys, I was able to get it to function properly.  ;)
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 54

Expert Comment

by:McKnife
ID: 39752150
Although solved, two questions: what do you need the first command cd... for? Simply run %program files...%\...pgpwde.exe, no need to cd first.
Then: why not use the central management? This seems to be your administrative user, this can be set using the universal server, no script needed at all.
0
 

Author Comment

by:-JT
ID: 39760730
Hi McKnife,
so, you're correct about the cd, I dropped that out of the script.

As for the second part, we use a local windows admin account for authentication to pgp for the desktop guys. Only us network dudes know the central server admin account login. thats what makes this whole thing trickier then normal.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39760738
Hi.
> Only us network dudes know the central server admin account login
And why wouldn't you provide those desktop guys with the pgp wde admin password? It would not need to be the same as you use for the logon to the universal server.
0
 

Author Comment

by:-JT
ID: 39760749
From what i'm told by support, there can only be one wde admin pw. the login to the actual server is definitely different. Its a weird security separation thing.  it would be much easier not to have to deal with adding another local admin account to authenticate.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39760764
> there can only be one wde admin pw
Correct, but why don't you share that one?
0
 

Author Comment

by:-JT
ID: 39760787
I'd like to but the powers that be want to keep it separated <insert Offspring tune>. Anyway, I may push for a policy change because the script is inherently insecure without pw obfuscation, which I still need to figure out for this if i'm forced to continue down this road. Plain text pw's are no bueno.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question