Reputation: 93
I'm trying to deploy an application via SCCM to Windows 7 PCs (around 300 PCs). The app is based on Java jre-7u55. There is no problem with the deployment or the app. Deployment works, yet the problem is that for non-admin and admin users the app is prompting Windows UAC, and the application will only run for admin users, not for normal users, even though they provide their right credentials. (The app referred to here is a shortcut created by a bat file that will load the Java binaries and program stuff.)
This is the bat file:
@echo off
setlocal
setlocal enabledelayedexpansion
:: BatchGotAdmin
:-------------------------------------
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
pushd "%CD%"
CD /D "%~dp0"
:--------------------------------------
:install
set GAS_BIN=%~dp0
cd %GAS_BIN%
cd ..
set GAS_HOME=%cd%
cd "%GAS_HOME%"
set JAVA_OPTS=-Xms128m -Xmx512m -XX:MaxPermSize=128M
set CLASSPATH=bin/*
set JAVA_HOME=C:/Java/jre1.7.0.55
set PATH=%JAVA_HOME%/bin;%PATH%
start "GAS STANDALONE" "%JAVA_HOME%\bin\javaw" %JAVA_OPTS% -classpath "%CLASSPATH%" com.airbus.agsm.core.launcher.ServerMain
:done
endlocal
What I'm concerned about is the code below (I know this is the thing that is responsible for UAC):
@echo off
setlocal
setlocal enabledelayedexpansion
:: BatchGotAdmin
:-------------------------------------
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
pushd "%CD%"
CD /D "%~dp0"
:--------------------------------------
I have a certain understanding of programming, yet I want to make sure: is this the part that forces admin privileges to run/load the Java code?
Or is it trying to do something else, failing, and then requesting admin privileges to run the app for non-admin users?
I need to understand it correctly to go ahead with Windows troubleshooting or anything else, to make it work for non-admin users.
Please help me interpret it correctly. (There is less support from the app creator, and I'm a system deployment guy, not a programmer.)
Upvotes: 0
Views: 1222
Reputation: 1162
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
This tries to run the command cacls with %SYSTEMROOT%\system32\config\system as a parameter. This command will succeed if the current user has privileges, so the %errorlevel% will be 0; it will fail if the current user does not have enough privileges, so the %errorlevel% will not be 0. If the command fails, the :UACPrompt subroutine is called.
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
A shell script is created. This shell script requests a higher level of privilege through UAC and then calls the bat script again, but this time with the higher level of privilege. The code executes the shell script and terminates with the exit /B command.
The shell script calls the BAT code again, but since we have higher privileges now, :UACPrompt is not executed and execution is "skipped" to :gotAdmin.
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
pushd "%CD%"
CD /D "%~dp0"
This deletes the shell script and sets the state which will enable the rest of the script to run normally.
The code is trying to do something that requires admin privileges; if it fails, it will request admin privileges from the user.
Upvotes: 2
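To find out whether the Java launch itself needs elevation, the launcher can be run with the BatchGotAdmin block left out. The script below is an added example, not code from the question or the answer; it assumes the Java application does not need administrative rights (the page does not confirm this), uses the paths and main class from the question with JAVA_HOME written with backslashes, and the write probe and its file name are illustrative.

```batch
@echo off
setlocal
REM Added example: report the elevation state, then launch WITHOUT a UAC request.
REM Assumption: the Java application itself does not need administrative rights.

REM The High Mandatory Level SID (S-1-16-12288) is in the token only when elevated.
set "ELEVATED=no"
whoami /groups | find "S-1-16-12288" >nul 2>&1
if not errorlevel 1 set "ELEVATED=yes"
echo Elevated token: %ELEVATED%

REM Same layout as the original script: this file sits in the bin folder
REM directly under the application home.
pushd "%~dp0.."
set "GAS_HOME=%CD%"
set "JAVA_HOME=C:\Java\jre1.7.0.55"
set "JAVA_OPTS=-Xms128m -Xmx512m -XX:MaxPermSize=128M"
set "CLASSPATH=bin/*"

if not exist "%JAVA_HOME%\bin\javaw.exe" (
    echo javaw.exe not found under "%JAVA_HOME%"
    popd
    exit /b 2
)

REM Illustrative probe: can this user create a file in the application home?
REM A "no" here points at folder permissions if the app writes under its home.
set "PROBE=%GAS_HOME%\write_probe_%RANDOM%.tmp"
set "WRITABLE=no"
2>nul ( >"%PROBE%" echo probe )
if exist "%PROBE%" set "WRITABLE=yes"
if exist "%PROBE%" del "%PROBE%"
echo "%GAS_HOME%" writable by %USERNAME%: %WRITABLE%

REM Launch exactly as the original script does, but with the caller's own token.
start "GAS STANDALONE" "%JAVA_HOME%\bin\javaw" %JAVA_OPTS% -classpath "%CLASSPATH%" com.airbus.agsm.core.launcher.ServerMain
popd
endlocal
```

Run it as a standard user from a console window so the two status lines stay visible. It never writes a script to %temp% or asks for elevation, so any failure that remains comes from the application or from permissions on its folders.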