How to make batch file run from group policy? - batch-file

I am trying to make a batch file that calls an executable named idlelogoff after a certain amount of idle time. I can see the process in task manager however the computer doesn't sign out.
However when I run the process as an administrator manually it works. I thought the system account was supposed to have all privileges. Very confused as to why this isn't working. Any help would be appreciated.
Below is my batch file contents.
start "IdleLogOff" /d C:\ /b idlelogoff.exe 10 logoff

I found an answer to this by using local group policy instead of domain policy. I used User Configuration -> Windows Settings -> and then logon scripts, and had it run on a user logon. The script works from here but did not work from domain group policy for whatever reason.

Look into Task Manager. I suppose that the process runs under the system account when using a domain GPO, no matter if it is activated/linked in user or workstation context.
So the exe would check if the system account is idle.
A solution could be putting the exe into the autostart folder, creating a Run key in the registry, or using a scheduled task; all of these can be done with a GPO.

Related

Task scheduler cannot open batch file when set to run whether user is logged on or not

OS: Windows Server 2008 R2 Enterprise
I am unable to get the Task Scheduler to run .bat files while I am logged off. I have a production .bat file I want to use, but for my troubleshooting purposes I am using C:\Users\Administrator\Desktop\test.bat
test.bat is very simple. All it contains is:
taskkill /im notepad.exe
It runs successfully on its own. If I have Notepad open and I double-click test.bat then the cmd window flashes and Notepad dies. The .bat file is not the problem.
The task I created in Task Scheduler is "Test taskkill" (without the quotes). I can see its location in Windows Explorer: C:\Windows\System32\Tasks\Test taskkill
If the task is set to run only when the user is logged on then the task works. With this setting, I can right-click on it > run and I get the same behavior as if I double-click the .bat file. That means the task is configured correctly.
If I set it to run whether or not the user is logged on then when I right-click > run nothing obvious happens. The job is reported as having been run successfully in the history, but Notepad survives. I know that I am using the proper credentials for the account that I am configuring to run the task. That account is the local administrator.
This issue appears similar to issues others have had in the past:
Running a .bat file in Scheduled Task
http://social.technet.microsoft.com/Forums/windowsserver/en-US/d47d116e-10b9-44f0-9a30-7406c86c2fbe/scheduled-task-wont-run-bat-file?forum=winservermanager
The thread in the second link seemed to resolve an identical issue for many people with the suggestion that the account used to run the task requires explicit permission to the .bat file and all files that the .bat file modifies. This was very promising (if an annoying requirement). However, I have confirmed or assigned explicit permissions for the local administrator to the following areas, and I am still not successful:
C:\Users\Administrator\Desktop\
C:\Users\Administrator\Desktop\test.bat
C:\Windows\System32\Tasks\
C:\Windows\System32\Tasks\Test taskkill
Additionally, I have confirmed that the local administrator account is in the local administrators group.
Am I missing some other permissions that needs to be set? Is there something else I should be looking at? Thanks!
I have resolved this problem with help from a contractor who was doing some other work for my institution.
In the properties window for the task, on the Action tab, when creating or editing the action that opens the batch file (in my case test.bat), there is the "Program/script:" field and there is also a "Start in (optional):" field. I previously had the "Program/script:" field containing the full path to the file, ending with the file name, and I had the "Start in (optional):" field null. This configuration appears to work without issue when the task is set to "Run only when user is logged on" in the General tab of the task's properties window. However, this configuration does not work when the task is set to "Run whether user is logged on or not".
In order to resolve the problem, I changed the action so that the "Program/script:" field contained only the file name, not the file path. I put the file path in the "Start in (optional):" field. This configuration works when the task is set to "Run only when user is logged on"! I have tested with the task running on a trigger and also with running it manually.
Not sure if this helps. My issue was using an interactive program (in particular Excel) as well.
Creating the 2 empty folders (Desktop) solved it. Create both even if you are running on x64.
C:\Windows\System32\config\systemprofile\Desktop
C:\Windows\SysWOW64\config\systemprofile\Desktop
I debugged my code and realised the code exited at this line
ExcelFile excelFile = new ExcelFile(directory, filename);
I read this solution somewhere and I cannot find the URL now.
Try this as well..
Resolved the "Run whether user is logged on or not" issue by setting the “Log on as Batch Job” security policy.
Here are details on the setting… https://danblee.com/log-on-as-batch-job-rights-for-task-scheduler/
You may take another approach, but here are the steps…
1) I updated the default domain group policy by adding my admin account (that I fire the task with) to the “Log on as Batch Job” security policy. (Even though ADMIN group is listed, and I am using an admin account)
2) I forced GPUPDATE on the client
3) Rebooted the client
4) Looked at the policy on the client to make sure it made it over from the DC
5) Set the task "Run whether user is logged on or not"
6) Ran the task on demand and it worked creating a PDF file.
7) Logged out and ran the task at scheduled time and it worked creating a PDF file.
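Steps 2 and 4 of the answer above can be scripted on the client. This is an added example, not part of the original post; it assumes an elevated prompt, and the temporary file name is constructed.

```batch
@echo off
rem Added example (constructed): confirm which accounts hold the
rem "Log on as a batch job" right on this client after a policy change.
setlocal EnableExtensions
set "CFG=%TEMP%\user_rights_%RANDOM%.inf"

rem Step 2 of the answer: pull the updated computer policy from the DC.
gpupdate /target:computer /force

rem Step 4: export the effective user-rights assignments to a file.
secedit /export /areas USER_RIGHTS /cfg "%CFG%" >nul
if errorlevel 1 (
    echo secedit export failed - is this prompt elevated?
    exit /b 1
)

rem The export is UTF-16; "type" converts it so findstr can match it.
rem Accounts appear as names or *SIDs, comma separated.
rem SeDenyBatchLogonRight is shown too because a deny entry overrides
rem the allow entry for the same account.
type "%CFG%" | findstr /i "SeBatchLogonRight SeDenyBatchLogonRight"
set "RC=%ERRORLEVEL%"
del "%CFG%"

if not "%RC%"=="0" echo No batch logon rights are assigned in the export.
exit /b %RC%
```

Because the answer changed the default domain policy, the same output on other machines shows where else the account gained this right.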
I had similar problem, but it was related to the fact that there was a space in the path of my executable batch file. I have removed the space and now it works fine.
What worked for me was making sure that the path is available.
I used net use Z: \\computername\folder /persistent:yes
then the xxcopy /s /c /d /e /i /y D:*.* z:\BackupBat
I noticed all my other .bat files work fine; only the one with the reference to a mapped folder was the one not running, so that needed to be the problem. With these changes the bat file runs well.
Verifying the following has worked for me:
1) The 'Run if user is not logged in' option in Task Scheduler does not work for programs that are in interactive mode, for example Notepad or Clock. Tasks will not run interactively. Make sure your program does not require any interactive actions.
2) Check the "Start in (optional)" field if your program path is not one of the system paths. You had better add your program path to it. In "Program/script" enter only the name of the program, and enter the path of your script in "Start in".
3) The user account you set up for your program must have permission not only to run your program itself but also to run all other programs related to your program.
Here is a sample program:
On C:\myprogram\folderOne\test.cmd
date /t >> c:\Temp\testAuto.log
date /t >> c:\temp\testAuto.log
echo ----->> c:\temp\testAuto.log
cls
exit
- Create a task, selecting under General > Security options "Run whether user is logged on or not".
- Under Action > Program/script enter: test.cmd
and in "Start in": C:\myprogram\folderOne
- Run it; you might see the cmd window open and close very quickly. The testAuto.log file should be in c:\tmp folder.
It might be because you don't have permission. I was facing the same problem and I found the solution like this:
Open Task Scheduler, right-click on your task and then select the Properties option.
In Properties click on the General tab, then click on 'User Group or User' and select the appropriate user.

Scheduled batch file fails moving file to Google Drive

I'm trying to move a file from one server to another with a scheduled batch file; for that I use Google Drive as a third party where I store my files. I have made a script:
@echo "executed %date:~-10,2%%date:~-7,2%%date:~-4,4%" >> Logs.txt
copy /y "C:\backup\Portal2%date:~-10,2%%date:~-7,2%%date:~-4,4%.bak" "c:\users\administrator\google drive\"
This script moves a file from one directory to another. It works fine if I click it, but if I try to schedule it, it doesn't work.
I tried to change the path to a random path on my computer and scheduled it, and it worked perfectly.
It's like my computer doesn't recognize Google Drive at all.
When copying over a network you need to use credentials in the scheduled task that have access to the network resource.
This is probably a bit late for you but might be helpful to others who follow in your footsteps. I had this problem and it came down to security. When you run something in batch it doesn't have the correct permissions. I can't remember the exact solution but you need to set the batch task to run with your username.

Batch file doesn't run after deploying from SCCM

I have a batch file which uses gpresult /v, saves the output in a text file, and copies that text file to a shared folder. This batch file works perfectly fine when I run it on my local machine, but once I deploy it through SCCM it says it cannot open the file, with error code 4. I don't know what is wrong in the file.
The code is like this:
@echo off
gpresult /v >%computername%.txt
xcopy %computername%.txt \some path
Error 4 is "The system cannot open the file.", as if the path is invalid or the open() fails for some other reason.
Do you know what directory the program is running in (CWD)?
That's where the results of gpresult are going (if the output redirection succeeds).
gpresult is not going to produce meaningful user-level data for the SYSTEM user.
Perhaps you should use gpresult /v /scope computer.
Why are you using xcopy when you're only copying one file? xcopy really only has added value (over copy) if you are copying directories.
xcopy's behavior changes depending on how you specify the target. If the target ends with the directory separator (backslash), xcopy treats it like it's a directory. If it doesn't and the target doesn't exist, xcopy asks you what to do, which causes automated processes to pause indefinitely waiting for user input.
SCCM Programs Run as 'NT Authority\SYSTEM'
When SCCM (2007) runs a program, the program doesn't run as a regular user. It runs as the highest privilege user (sort of), SYSTEM.
This account is not a regular account, and many settings and environment variables that exist and are predictable for a regular user are different or do not exist for SYSTEM.
One particularly frustrating "feature" of the SYSTEM account's profile is that it is nestled away under %WINDIR%\System32, and so it is subject to filesystem redirection whenever you refer to anything relative to the profile.
Try this: use psexec -s (sysinternals) to get shell access as the SYSTEM account and run the command in that environment to see how it behaves. This is as close as we can get to an environment like the one SCCM programs run under.
When SCCM runs the command, the CWD will probably be somewhere under %WINDIR%\SysWOW64\CCM\ and may be invoked with the 32-bit version of CMD.EXE.
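A version of the question's script that does not depend on the launcher's account, current directory or bitness, and also applies the "Start in" and mapped-drive findings from the Task Scheduler answers earlier on this page. This is an added example, not code from any of the posts; the share path and log file name are placeholders.

```batch
@echo off
rem Added example (constructed): the share path below is a placeholder.
setlocal EnableExtensions

rem Use a UNC path, not a mapped drive letter: drive mappings belong to
rem an interactive logon session. As SYSTEM, the share is accessed as the
rem computer account, which therefore needs write access to it.
set "SHARE=\\fileserver.example\gpreports"

rem Absolute paths only: the launcher decides the current directory.
set "OUT=%TEMP%\%COMPUTERNAME%.txt"
set "LOG=%TEMP%\%~n0.log"

rem Work from the script's own folder, whatever "Start in" or SCCM chose.
pushd "%~dp0" || exit /b 1

rem Record the execution context so a failed run can be diagnosed later.
>>"%LOG%" echo ==== %DATE% %TIME% ====
>>"%LOG%" whoami
>>"%LOG%" echo CWD=%CD%
>>"%LOG%" echo ARCH=%PROCESSOR_ARCHITECTURE% WOW64=%PROCESSOR_ARCHITEW6432%

rem PROCESSOR_ARCHITEW6432 is set only in a 32-bit process on 64-bit
rem Windows. There System32 is redirected to SysWOW64, and the Sysnative
rem alias reaches the native directory.
set "SYS=%SystemRoot%\System32"
if defined PROCESSOR_ARCHITEW6432 set "SYS=%SystemRoot%\Sysnative"

rem SYSTEM has no meaningful user policy, so request computer scope only.
"%SYS%\gpresult.exe" /scope computer /v > "%OUT%" 2>>"%LOG%"
set "RC=%ERRORLEVEL%"
if not "%RC%"=="0" (
    >>"%LOG%" echo gpresult exit code %RC%
    popd
    exit /b %RC%
)

rem copy never prompts for a single file; the trailing backslash marks
rem the target as a directory.
copy /y "%OUT%" "%SHARE%\" >>"%LOG%" 2>&1
set "RC=%ERRORLEVEL%"
>>"%LOG%" echo copy exit code %RC%
popd
exit /b %RC%
```

Comparing the log from a manual run with the log from an SCCM or scheduled run shows which of the account, directory or bitness differs.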
I have a question in regards to something similar to this. So I have an uninstall bat that runs. Due to the vendor's uninstall it causes a force close of the Windows Explorer UI. So in haste to solve that issue I added a call to open explorer.exe. There is a problem with this, as someone pointed out to me. Actually, as soon as he said it I knew exactly what he was saying and where he was going with his statement. Calling explorer.exe would be fine except that the bat is running under the system context, not the user, so when explorer is restarted it will start under the guise of the system desktop profile, not the user's. I know there is a way to still run under the guise of system but to restart explorer under the currently logged in user's profile.

Why doesn't my batch file execute automatically despite being placed in "Startup" folder?

This must sound too naive because I am not a programmer. I need help with a batch file execution.
There are two user accounts on my Windows XP enabled PC and one of these accounts is used by my brother. Sometimes I need to leave messages for him to read as a reminder of something, for example, to back up his personal folders when he logs in next time.
So, I created a simple batch file with the following code:
@echo off
msg * It's time to backup your folders!
When executed by double clicking, the file works fine and shows the expected message. I placed a copy of the batch file in "C:\Documents and Settings\Brother\Start Menu\Programs\Startup" but couldn't make it execute automatically when my brother logged in.
Could somebody please show me where I went wrong?
According to this answer on Superuser, the startup folders for XP are actually in
%AllUsersProfile%\Start Menu\Startup
%UserProfile%\Start Menu\Startup
So the Programs\Startup may be used for something else.
If you are using Windows 10, there are 2 things that may be doing this:
Your file needs Administrator privileges (when I copy any file to startup with Admin privileges it will not work). - My experience
When you boot your computer, wait a bit (30 - 50 seconds) for all files to load, and make sure not to do anything.
This is my experience in Windows 10; please correct me if I'm wrong in anything.

Autostart process on boot

I'm making a Cloud Drive program for my university (like Dropbox, for example, but much simpler), which lets users automatically upload files to a server and share them with other users.
I wanted to make an option so that if someone boots the machine, the process will start automatically.
What I think I have to do is to add an entry in the registry at the key: HKEY_LOCAL_MACHINE/software/Windows/CurrentVersion/Run and I wrote these lines of code:
system("REG ADD HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run /v uCloud.exe /t REG_SZ /d \"C:\\Desktop\\uCloud\\uCloud.exe\" /f");
I also tried with the functions RegOpenKeyEx and RegSetValueEx.
The problem is that in both cases I need administrator rights.
If I edit HKEY_CURRENT_USER, the program automatically starts on boot, but it doesn't work at all (I mean I see the process, but it does nothing. I have to close the process and open it again manually, and then it starts to download and update the stuff).
Thanks a lot
When you use the task scheduler, you can use admin rights; see here: http://www.techrepublic.com/blog/window-on-windows/make-vista-launch-uac-restricted-programs-at-startup-with-task-scheduler/616
