Is there a way to include the password in the command string or turn off the prompt for password? I am trying to run a command that our users are not allowed to run but I get prompted for a password during the execution of the bat file.
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Answers

0
Use AutoIT, that way you can script the password into it, you can even compile it exe with a password for decopmpile so your password stays safe. AutoIT has a PasWait command, that is what you need.
Answered 12/15/2004 by: cdupuis
Third Degree Green Belt

Please log in to comment
0
There's a great utility out there that does this - cpau.exe. It's available at http://weblogs.asp.net/bhouse/articles/27986.aspx. You basically run this from a command line, just like runas, so it works great in scripts.

Here's how you would use cpau.exe to run regedit as local administrator on a local machine named \\computer with the password "password":

cpau –u computer\administrator –p password –ex regedit.exe –profile

I'd recommend reading the documentation before using. Oh, and you may want to send the guy a small donation as gratitude, if you like it.
Answered 12/15/2004 by: jbonbright
Senior Yellow Belt

Please log in to comment
0
One thing else I should mention: cpau.exe will only work on systems that support runas - i.e. Windows 2000, XP, and 2003. It will NOT work on NT.

Here's a better link to the download page for cpau: http://www.joeware.net/win/free/tools/cpau.htm
Answered 12/15/2004 by: jbonbright
Senior Yellow Belt

Please log in to comment
0
Another solution is to use the Script Packager feature of the Admin Script Editor: http://www.adminscripteditor.com/editor/scriptpackager/

This provides "RunAs" functionality (but does not actually use the RunAs utility itself). What you can do is create an encrypted executable out of your script (with any resource files you may need) and what you can do is specify the credentials under which the executable should run. Not only that, but the source files are protected by EFS and NTFS security during execution. If you wanted to put a password in the script, it would be pretty safe- but you don't even need to because you can specify the account the executable is to use at the time you create it in the editor.

Also has a really cool WMI wizard worth checking out: http://www.adminscripteditor.com/editor/wmiwizard/
Answered 12/15/2004 by: bkelly
Red Belt

Please log in to comment
0
I've done this before:

A further security by obscurity technique would be to pass the ASC{} character as a number.

I guess no method of providing a password from a file is truly secure, but you can make it harder [;)]

Also, you have to consider maintainability - if the admin password changes your script breaks.


ORIGINAL: cdupuis

Use AutoIT, that way you can script the password into it, you can even compile it exe with a password for decopmpile so your password stays safe. AutoIT has a PasWait command, that is what you need.
Answered 12/16/2004 by: aogilmor
Ninth Degree Black Belt

Please log in to comment
Answer this question or Comment on this question for clarity