Reputation: 80
I want to have a .bat script do a particular task as a different user and run headlessly (no user input or prompting is allowed). Is there a way to do this with a .bat script? Please note that I am constrained to not use PowerShell as it is not installed by default on all of the Windows operating systems that we must support.
I have considered RUNAS in my script, but it apparently requires interactive input.
In Linux, the equivalent idiom is:
echo "Password" | sudo -S -u username "command"
Any suggestions for Windows .bat scripts?
Update: I believe that vbscript is always available on Windows, so if a purely headless solution is available via vbscript, then that is good, too!
Upvotes: 3
Views: 15377
Reputation: 24476
Here's another alternative:
wmic /user:username /password:pass process call create "cmd /c \"d:\\path\\to\\program.exe\" /arg etc"
EDIT: Apparently that doesn't allow authentication with separate credentials on the local machine.
There's a way to call runas with vbscript and have the vbscript send the password to the console to automate the password entry.
set WshShell = WScript.CreateObject("Wscript.Shell")
WshShell.run "runas /noprofile /user:USERNAME " + Chr(34) + "d:\path\to\command.exe /args" + Chr(34)
WScript.Sleep 500
WshShell.SendKeys "PASSWORD"
WshShell.SendKeys "{ENTER}"
set WshShell = nothing
Save that to a .vbs file and call it via cscript /nologo script.vbs
If you need that to run from a batch script, just do some creative echos.
@echo off
setlocal
set username=username
set password=password
set program=d:\path\to\program.exe /arg argument
echo set WshShell = WScript.CreateObject(^"Wscript.Shell^")>runas.vbs
echo WshShell.run ^"runas /netonly /noprofile /user:%username% ^" + Chr(34) + ^"%program%^" + Chr(34)>>runas.vbs
echo WScript.Sleep 500>>runas.vbs
echo WshShell.SendKeys ^"%password%^">>runas.vbs
echo WshShell.SendKeys ^"{ENTER}^">>runas.vbs
echo set WshShell = nothing>>runas.vbs
cscript /nologo runas.vbs
del /q runas.vbs
If that doesn't work for you, you could also use psexec to run a program with different credentials.
psexec -u USERNAME -p PASSWORD d:\path\to\command.exe
The only other alternative I can think of would be to run your script through a group policy startup script, which would execute the script from a system account. I also thought about calling it from the registry's HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce, but I think that might launch it from the first user who logs in after reboot.
Upvotes: 8
Reputation: 1139
Try the runas command.
runas /user:"DOMAIN\user" "C:\Program Files\path\to\program.exe" /savecred
You can save the credentials with /savecred, and not have to enter it another time.
http://technet.microsoft.com/en-us/library/cc771525.aspx
Upvotes: 0
Reputation: 26170
runas is the right way to do it. Add /username user /savecred. The first time you run the batch it will ask for the user's password and save it, so the next time it will run with the saved credential.
Upvotes: -1
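For anyone auditing scripts that use the approaches in the answers above, here is a small scanner (an added example, not code from any of the posters) that flags the credential-handling idioms shown on this page: a password set in a batch variable, wmic /password:, psexec -p, text sent through SendKeys, and runas /savecred. It masks the secret in its report; the function name, rule labels and SAMPLE input are constructed for illustration.

```python
import re

# One rule per idiom from the answers; group 1, when present, is the secret.
PATTERNS = [
    ("set password=", re.compile(r'^\s*set\s+"?(?:password|pass|pwd)\s*=\s*(\S+)', re.I)),
    ("wmic /password", re.compile(r'\bwmic\b.*?/password:(\S+)', re.I)),
    ("psexec -p", re.compile(r'\bpsexec(?:\.exe)?\b.*?\s-p\s+(\S+)', re.I)),
    ("runas /savecred", re.compile(r'\brunas\b.*?/savecred\b', re.I)),
    # Text typed via SendKeys; key names such as {ENTER} are excluded.
    ("SendKeys text", re.compile(r'\.SendKeys\s+\^?"([^"{}^]+)', re.I)),
]

def scan(text):
    """Return (line_number, rule, line_with_secret_masked) for every hit."""
    findings = []
    for number, line in enumerate(text.splitlines(), 1):
        for rule, pattern in PATTERNS:
            match = pattern.search(line)
            if not match:
                continue
            shown = line
            if match.groups():
                # Never echo the credential itself into the audit report.
                start, end = match.span(1)
                shown = line[:start] + "<redacted>" + line[end:]
            findings.append((number, rule, shown.strip()))
    return findings

# Constructed sample assembled from the placeholder commands on this page.
SAMPLE = r'''@echo off
set password=password
wmic /user:username /password:pass process call create "cmd /c program.exe"
psexec -u USERNAME -p PASSWORD d:\path\to\command.exe
runas /savecred /user:"DOMAIN\user" "C:\path\to\program.exe"
echo WshShell.SendKeys ^"%password%^">>runas.vbs
echo WshShell.SendKeys ^"{ENTER}^">>runas.vbs
echo done
'''

if __name__ == "__main__":
    for number, rule, shown in scan(SAMPLE):
        print(f"line {number}: [{rule}] {shown}")
```
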