scripting batch file to open folder then launch PGP script

Posted on 2013-12-19
Last Modified: 2014-01-06
Hey all,
I'm attempting to run a batch file that does two things:

1. First opens cmd in a peticular folder;
      %comspec% /k cd "C:\Program Files (x86)\PGP Corporation\PGP Desktop\"

2. Run a Symantec PGP encryption script. (which has to run in cmd in the folder mentioned above.
    pgpwde --add-user --disk 0 -- passphrase  --passphrase UserPassword --username newadmin --admin-passphrase AdminPassword!"

The pgp script basically adds a new admin account to the pgp desktop software which I need to do on every laptop in the company. This script i'm working on will be initiated via group policy.

The problem i'm coming across is that I can't quite get the hand off from the first part to the second part down. they each work individually, but I can't seem to get the handoff right after the directory change to launching of the pgp script.

If anyone can help out i'd greatly appreciate it. my scripting is a little weak.
Question by:-JT
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 250 total points
ID: 39731875
I am assuming you really want the new shell to terminate after it completes the second task (/c rather than /k) so you are probably looking at:

%comspec% /c "cd ""C:\Program Files (x86)\PGP Corporation\PGP Desktop\"" && pgpwde --add-user --disk 0 -- passphrase  --passphrase UserPassword --username newadmin --admin-passphrase AdminPassword!"

using the conditional continuation operator (&&) which executes the second command if and only if the first completes successfully.

Is this what you were after?
LVL 15

Accepted Solution

Giovanni Heward earned 250 total points
ID: 39732235
A typical approach would be to simply call a batch script, which completes the desired actions.

For example (call script):
%comspec% /c \\server.domain.local\share\path\script.bat

@echo off
if exist "%ProgramFiles(x86)%\PGP Corporation\PGP Desktop" (
   cd /d "%ProgramFiles(x86)%\PGP Corporation\PGP Desktop"
   pgpwde --add-user --disk 0 -- passphrase  --passphrase UserPassword --username newadmin --admin-passphrase AdminPassword!
   goto :eof
) else (
   echo "%ProgramFiles(x86)%\PGP Corporation\PGP Desktop" not found
)>>\\server.domain.local\share\path\%COMPUTERNAME%_%USERNAME%.log 2>&1

Open in new window

If you are actually using a quotation char in the password, you may need to escape it using a caret ^.

Author Comment

ID: 39733079
Thanks for the help guys, I was able to get it to function properly.  ;)
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 55

Expert Comment

ID: 39752150
Although solved, two questions: what do you need the first command cd... for? Simply run %program files...%\...pgpwde.exe, no need to cd first.
Then: why not use the central management? This seems to be your administrative user, this can be set using the universal server, no script needed at all.

Author Comment

ID: 39760730
Hi McKnife,
so, you're correct about the cd, I dropped that out of the script.

As for the second part, we use a local windows admin account for authentication to pgp for the desktop guys. Only us network dudes know the central server admin account login. thats what makes this whole thing trickier then normal.
LVL 55

Expert Comment

ID: 39760738
> Only us network dudes know the central server admin account login
And why wouldn't you provide those desktop guys with the pgp wde admin password? It would not need to be the same as you use for the logon to the universal server.

Author Comment

ID: 39760749
From what i'm told by support, there can only be one wde admin pw. the login to the actual server is definitely different. Its a weird security separation thing.  it would be much easier not to have to deal with adding another local admin account to authenticate.
LVL 55

Expert Comment

ID: 39760764
> there can only be one wde admin pw
Correct, but why don't you share that one?

Author Comment

ID: 39760787
I'd like to but the powers that be want to keep it separated <insert Offspring tune>. Anyway, I may push for a policy change because the script is inherently insecure without pw obfuscation, which I still need to figure out for this if i'm forced to continue down this road. Plain text pw's are no bueno.

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question