locked
Start a script as administartor from within a script (Batch) RRS feed

  • Question

  • Hi,

    I have a Batch script that is started remotely from one computer(PC-X)  on another(PC-A).

    Now within the script tat is running on the PC-A I want to triger another Batch script  (or command) with administartive privileges.
    Everey thing I tried till now failed.

    I now stick on the Evelate Tools: Elevate Tools

    But I also Fail:

    Script A:

     
    D:
    CD D:\ElevDir
    @Echo Parent Script>> D:\elev.txt
    Elevate32 -s 1 -d D:\ElevDir cmd.exe /c D:\ElevDir\Cmd_Tracer.bat
    @Echo Parent Script>> D:\elev.txt

    Script B:

    @Echo OFF
    D:
    CD D:\ElevDir
    @Echo Child Script >> D:\elev.txt
    for /F "TOKENS=1,2,*" %%a in ('tasklist /FI "IMAGENAME eq MyProcess.exe"') do set MyPID=%%b
    @Echo %MyPID% >>  D:\elev.txt
    @Echo Child Script >> D:\elev.txt

    When I run it manually it allways prompts me for a UAC, but this is not wanted during a automated execution ...
    I'think I missing something basic ...

    Tuesday, June 10, 2014 5:41 PM

Answers

  • I want to pass the credentials from within the first script and dont want to have a manual interaction.

    You cannot bypass the UAC prompt, and this is by design.

    FAQ: Why can't I bypass the UAC prompt?


    -- Bill Stewart [Bill_Stewart]

    • Marked as answer by Bill_Stewart Monday, August 11, 2014 8:28 PM
    Wednesday, July 9, 2014 1:48 AM

All replies

  • The elevate32.exe program elevates a program on the current computer only. It won't elevate a program on a remote computer. All it does is cause the UAC prompt to appear. You cannot bypass the UAC prompt.

    Perhaps it would be better to tell what you are trying to do, rather than your proposed solution.


    -- Bill Stewart [Bill_Stewart]

    • Proposed as answer by Bill_Stewart Wednesday, July 2, 2014 3:00 PM
    • Unproposed as answer by John Mano Tuesday, July 8, 2014 10:31 PM
    • Proposed as answer by Bill_Stewart Saturday, July 12, 2014 5:09 AM
    Tuesday, June 10, 2014 5:59 PM
  • Sorry for beeing not prcesly enough.
    The remote Execution is not the Problem, as I only remotely trigger the first script.
    Everything else is local. 

    It is like starting the First Script (Script A) with TaskScheduler (or even manually). 
    In D:\ElevDir there are the files form the Elevate tool and the Script B (which should be elevated).

    What I want to have is a Batch Script which was automaticaly started (eventually triggered from a remote host)  in elevated mode, so I can do tasks with administartive privileges.

    Wednesday, June 11, 2014 4:31 PM
  • Your question is still not clear. Please give an example of what you want to do, not how you think it needs to be done.

    -- Bill Stewart [Bill_Stewart]

    Wednesday, June 11, 2014 4:49 PM
  • As noted above.  This cannot be done.

    When running a remote call you do not and cannot elevate.

    I see nothing in what you are doing that is remote.  WHere is it in your scripts that you think you are remoting.

    Running a batch file from a remote share is NOT remoting.  It is just running a batch file locally that is stored on a share.

    Running anyting locally cannot be done under task scheduler using Bill's EXE.  Task scheduler can be run with elevation but no other processes can.

    Now you posted this: "I have a Batch script that is started remotely from one computer(PC-X)  on another(PC-A)."

    How is this being started remotely? What tool is being used to run or start it remotely?


    ¯\_(ツ)_/¯

    Wednesday, June 11, 2014 4:52 PM
  • Your question is still not clear. Please give an example of what you want to do, not how you think it needs to be done.

    -- Bill Stewart [Bill_Stewart]

    I want to have an batch script with administrativ privileges, so that it can start programs and actions that need administrative privileges:

    Acting in the system folders, installing/removing some programs, attaching debugger to a process.

    Thursday, June 12, 2014 11:24 AM
  • As noted above.  This cannot be done.

    When running a remote call you do not and cannot elevate.

    I see nothing in what you are doing that is remote.  WHere is it in your scripts that you think you are remoting.

    Running a batch file from a remote share is NOT remoting.  It is just running a batch file locally that is stored on a share.

    Running anyting locally cannot be done under task scheduler using Bill's EXE.  Task scheduler can be run with elevation but no other processes can.

    Now you posted this: "I have a Batch script that is started remotely from one computer(PC-X)  on another(PC-A)."

    How is this being started remotely? What tool is being used to run or start it remotely?


    ¯\_(ツ)_/¯

    I trigger the script remotely (using psexec) - but this does not matter as it has NO influence on all of this.

    To make it more simple in the example I have just two local scripts -> Script A (triggered from anything (TaskScheduler eg)) and Script B that should be elevated.

    Thursday, June 12, 2014 11:29 AM
  • Sorry but I still don't understand what you are trying to do.

    Try to explain in very plain language what your goal/purpose is. For example, "I want to run a script on the local computer as administrator but I want to bypass the UAC prompt." (If that's the question, the answer is that you cannot bypass the UAC prompt, and this is by design.)


    -- Bill Stewart [Bill_Stewart]

    Thursday, June 12, 2014 1:38 PM
  • As noted your question is still vague.

    PsExec runs remote tasks via an admin account.  There is no elevation.  In a domain this does not require elevation.  in a workgroup you cannot remotely obtain an elevated session.

    If Script A is running local under the task scheduler it cannot be elevated bu the task scheduler can be set to run with all privileges.

    If your issue is how to use PsExec then post your question in the SysInternals forum.  PsExec is not a script it is a utility.

    If you are having a specific issue then tell us what it is or what error you are getting.

    Forget about issues of elevation.  Under your setup you cannot cause elevation via any scripting methods.   THe purpose of UAC is, in part, to prevent scripts from running with admin rights except under specific conditions.

    Now what is the specific issue.


    ¯\_(ツ)_/¯

    Thursday, June 12, 2014 1:38 PM
  • Do you still need help with this question?

    -- Bill Stewart [Bill_Stewart]

    Monday, June 16, 2014 9:54 PM
  • Yes, I would still be happy if there would be a solution to elevate a program (or a batch script) from within another batch script. 
    I want to pass the credentials from within the first script and dont want to have a manual interaction.


    • Edited by John Mano Tuesday, July 8, 2014 10:34 PM
    Tuesday, July 8, 2014 10:33 PM
  • Yes, I would still be happy if there would be a solution to elevate a program (or a batch script) from within another batch script. 
    I want to pass the credentials from within the first script and dont want to have a manual interaction.


    As stated before you cannot do what you are trying to do.  There is no way to remotely elevated a script.


    ¯\_(ツ)_/¯

    Tuesday, July 8, 2014 10:40 PM
  • I want to pass the credentials from within the first script and dont want to have a manual interaction.

    You cannot bypass the UAC prompt, and this is by design.

    FAQ: Why can't I bypass the UAC prompt?


    -- Bill Stewart [Bill_Stewart]

    • Marked as answer by Bill_Stewart Monday, August 11, 2014 8:28 PM
    Wednesday, July 9, 2014 1:48 AM