server 2019 + elevated cli in a script



  • Greetings, Is there a simple way to write a batch file that is elevated, so that a service can be shutdown ?
    What I am is doing is using robocopy to copy a database to a linux box. To shutdown the database , I need the elevated level to shutdown the database service. I can do it manually, however, the objective is to have it done daily in task scheduler.



  • Have you tried using the system account to run scheduled task/script?
    d26f2167-7908-429c-b3cb-8311fa41096a-image.png



  • @wrx7m , I have not. I wonder what username it would use when it copies to the linux box. Perhaps, making a backup
    on the Windows server, and then a second script to copy it to the Linux server.



  • @pattonb said in server 2019 + elevated cli in a script:

    @wrx7m , I have not. I wonder what username it would use when it copies to the linux box. Perhaps, making a backup
    on the Windows server, and then a second script to copy it to the Linux server.

    You can have the script connect to the other location with different credentials, or have two scripts, or a couple other possibilities.



  • Are you trying to elevate on the Windows side, or on the Linux side?



  • @Reid-Cooper windows side, the Linux side isn't an issue whatsoever. I am liking the solution suggested by wrx7m. Won't be able to test until tonight.



  • To confirm the change to "run as system" , it worked well. Had to utilize the 'net use' for user /permissions. I see there is a thread about automating that. Will investigate.
    thanks everybody



  • We prepend our bat and cmd batch files with this code to ensure we are elevated. This code will allow a batch file to elevate itself!

    Credit and a newer version here:
    https://stackoverflow.com/questions/7044985/how-can-i-auto-elevate-my-batch-file-so-that-it-requests-from-uac-administrator/25238418

    ::::::::::::::::::::::::::::::::::::::::::::
    :: Automatically check & get admin rights V2
    ::::::::::::::::::::::::::::::::::::::::::::
    @echo off
    CLS
    ECHO.
    ECHO =============================
    ECHO Running Admin shell
    ECHO =============================
    
    :init
    setlocal DisableDelayedExpansion
    set "batchPath=%~0"
    for %%k in (%0) do set batchName=%%~nk
    set "vbsGetPrivileges=%temp%\OEgetPriv_%batchName%.vbs"
    setlocal EnableDelayedExpansion
    
    :checkPrivileges
    NET FILE 1>NUL 2>NUL
    if '%errorlevel%' == '0' ( goto gotPrivileges ) else ( goto getPrivileges )
    
    :getPrivileges
    if '%1'=='ELEV' (echo ELEV & shift /1 & goto gotPrivileges)
    ECHO.
    ECHO **************************************
    ECHO Invoking UAC for Privilege Escalation
    ECHO **************************************
    
    ECHO Set UAC = CreateObject^("Shell.Application"^) > "%vbsGetPrivileges%"
    ECHO args = "ELEV " >> "%vbsGetPrivileges%"
    ECHO For Each strArg in WScript.Arguments >> "%vbsGetPrivileges%"
    ECHO args = args ^& strArg ^& " "  >> "%vbsGetPrivileges%"
    ECHO Next >> "%vbsGetPrivileges%"
    ECHO UAC.ShellExecute "!batchPath!", args, "", "runas", 1 >> "%vbsGetPrivileges%"
    "%SystemRoot%\System32\WScript.exe" "%vbsGetPrivileges%" %*
    exit /B
    
    :gotPrivileges
    setlocal & pushd .
    cd /d %~dp0
    if '%1'=='ELEV' (del "%vbsGetPrivileges%" 1>nul 2>nul  &  shift /1)
    
    ::::::::::::::::::::::::::::
    ::START
    ::::::::::::::::::::::::::::
    REM Run shell as admin (example) - put here code as you like
    ECHO %batchName% Arguments: %1 %2 %3 %4 %5 %6 %7 %8 %9
    
    ::::::::::::::::::::::::::::
    ::Begin Your Code here
    ::::::::::::::::::::::::::::
    

Log in to reply