I took this portion out of a larger script that I'm modifying in order to create and set the permissions to shares on remote file servers. I know this can done with Powershell but there are legacy servers preventing me from using it in this case unfortunately.
My concerns are that I'm not sure you can stack the psexec commands the way that I'm attempting to, that it is processing the parenthesis, and that it may not be passing on the variables to psexec properly. Trying to use call in this case may also add a lot of complexity but may be an option.
#echo off
setlocal EnableDelayedExpansion
set Fs1FQDN=fs1.city.local
set Fs2FQDN=fs2.city.local
set Fs3FQDN=fs3.city.local
set BSTFQDN=bst-fs1.city.local
:: this is set to whatever server is being tested
set UserFileServer=fs1.city.local
set UserName=footest
:: please note that for icacls I am setting up a user I know exists to insure that it can appropriately set permissions
:EMPTY_FUNCTION
echo.
echo EXECUTING CREATEUSERFILESHARE
echo.
CREATEUSERFILESHARE
:CREATEUSERFILESHARE
if UserFileServer==%Fs1FQDN% (
echo.
echo Generating user folder on file server %UserFileServer%
echo.
psexec \\%Fs1FQDN% -e cmd /c mkdir E:\UDrives\%UserName% ^& attrib +h E:\UDrives\%UserName% /s /d ^& icacls "E:\UDrives\%UserName%" /grant:r "CITY\%UserName%":(OI)(CI)M)
echo. User folder successfully created
echo.
goto CLEANUP
) else if UserFileServer==%Fs2FQDN% (
echo.
echo Generating user folder on file server %UserFileServer%
echo.
psexec \\%Fs2FQDN% -e cmd /c (mkdir E:\UDrives\%UserName% ^& attrib +h E:\UDrives\%UserName% /s /d ^& icacls "E:\UDrives\%UserName%" /grant:r "CITY\%UserName%":(OI)(CI)M)
echo. User folder successfully created
echo.
goto CLEANUP
) else if UserFileServer==%Fs3FQDN% (
echo Generating user folder on file server %UserFileServer%
echo.
psexec \\%Fs3FQDN% -e cmd /c (mkdir E:\UDrives\%UserName% ^& attrib +h E:\UDrives\%UserName% /s /d ^& icacls "E:\UDrives\%UserName%" /grant:r "CITY\%UserName%":(OI)(CI)M)
echo. User folder successfully created
echo.
goto CLEANUP
) else if UserFileServer==%BSTFQDN% (
echo.
echo Generating user folder on file server %UserFileServer%
echo.
psexec \\%BSTFQDN% -e cmd /c (mkdir D:\UserHomeDrive\UDrives\%UserName% ^& attrib +h D:\UserHomeDrive\UDrives\%UserName% /s /d ^& icacls "D:\UserHomeDrive\UDrives\%UserName%" /grant:r "CITY\%UserName%":(OI)(CI)M)
echo. User folder successfully created
echo.
goto CLEANUP
) else (
echo.
echo Invalid selection or no file server specified. Skipping user folder creation...
echo
goto CLEANUP
:CLEANUP
echo.
echo CLEANUP INITIATED
exit
I did get this resolved. So it turns out you don't need to stack remote commands to the terminal in psexec. Since each successful remote command returns an error code it will proceed to the next set of commands. Please note that you will not get any sort of error code back unless you log it on the machine you are performing remote executions on.
A working chunk of the originally posted code would be.
:CREATEUSERFILESHARE
if UserFileServer==%Fs1FQDN% (
echo.
echo Generating user folder on file server %UserFileServer%
echo.
psexec \\%Fs1FQDN% -e cmd /c mkdir E:\UDrives\%UserName%
psexec \\%Fs1FQDN% -e cmd /c icacls "E:\UDrives\%UserName%" /grant:r "CITY\%UserName%:(OI)(CI)M"
echo. User folder successfully created
echo.
goto CLEANUP
Related
For a batch file project of mine, I had to create two text files if they didn't already exist. For some reason the 'if exist "example.txt"' didn't work. What I mean by that is:
if not exist "example.txt" goto :label
wouldn't go to 'label' when the file did not exist. So, i presumed the file must be existing already (from my previous tests). The thing is that
if exist "example.txt" goto :label2
always went to 'label2', even though later in the script cmd could not find the file, and the folder is empty except the batch script (the file didn't exist). I decided I'd test the label for if the file didn't exist anyway. when I used the break> command to create the text file, it came back as access is denied. It did the same thing with the following code which i used to enter information:
>> "example.txt" echo 0
and with
del/f "example.txt"
I am a full administrator on my computer, the code I use works in other batch files I have created. I have tried running cmd in administrator (same outcome). Specifying the directory works no better in this case than using current directory. I'm wondering what is the cause of this is.
Anyway, here is the full batch script.
#echo off
title Folder Safe
color e8
if exist "infocj.txt" goto start
goto MAKESOURCE
:MAKESOURCE
rem notes: access is denied. this means that createproc doesn't work (createproc relies on makesource).
break>"infocj.txt"
attrib +s +h +r "infocj.txt"
break>"setupcj.txt"
>> "setupcj.txt" echo 0
attrib +s +h +r "setupcj.txt"
goto START
:START
echo what safe do you want to unlock (number only)
set/p "loc=>"
if exist %loc% goto LOCK
if exist Locked%loc% goto UNLOCK
echo there is no safe hashing to %loc%. do you wish to create a new safe? (y/n)
set/p "cho=>"
if %cho%==y goto createpass
exit
:LOCK
cls
For /f "tokens=%loc% delims=;" %%i in (infocj.txt ) do set pass=%%i
echo enter password to lock Safe %loc%
set/p "qaz=>"
if not %qaz%==%pass% goto END
ren %loc% Locked%loc%
attrib/d +h +s +r Locked%loc%
exit
:UNLOCK
cls
For /f "tokens=%loc% delims=;" %%i in (infocj.txt ) do set pass=%%i
echo enter password to unlock Safe %loc%:
set/p "qaz=>"
if not %qaz%==%pass% goto END
ren Locked%loc% %loc%
attrib/d -s -h -r %loc%
exit
:createpass
echo enter password:
set/p "pass=>"
cls
echo confirm password:
set/p "npass=>"
cls
if not %pass%==%npass% (
echo the passwords you entered are not matching
timeout /t 2 /nobreak > NUL
goto createpass
)
goto createproc
:createproc
rem this stuff is screwed because the stuff under makesource is not working properly, but even if I do all that manually, a lot of this still returns access is denied
for /f "tokens=* usebackq" %%a in ("infocj.txt") do set inf=%%a
set inf=%inf%%pass%;
attrib -s -h -r "infocj.txt"
del/f "infocj.txt"
break>"infocj.txt"
>> "infocj.txt" echo %inf%
attrib +s +h +r "infocj.txt"
for /f "delims=" %%b in ("setupcj.txt") do set stp=%%b+1
md %stp%
attrib -s -h -r "setupcj.txt"
del/f "setupcj.txt"
break>"setupcj.txt"
>> "setupcj.txt" echo %stp%
attrib +s +h +r "setupcj.txt"
echo your locker hashes to the number %stp%
pause
exit
Thanks in advance for your answers. This one's got me truly stumped.
EDIT: I have updated this post to include the entire script.
EDIT: While not ideal, this is meant to be an automation of a fix provided by the company that makes the software.
I have a batch file that I am running as Administrator.
I am running a batch file based on the file system input by the user.
One of the first commands renames a file.
If I execute this command on its own, from an elevated command prompt, it renames the file.
When I nest the command inside the IF statement, it doesn't rename the file.
I have commented out all of the other lines to simply rename the file if the user enters "1".
I have tried encapsulating the file path and file each individually within quotes, which I shouldn't need, and still do not get it to rename the file.
I am running the batch script as Admin.
#echo off
setlocal EnableDelayedExpansion
if "%$ecbId%" == "" (
echo Welcome to the ADaPT
echo Choose '1' for 32 bit
echo Choose '2' for 64 bit
echo Type anything else to abort.
echo.
set "UserChoice=abort"
set /P "UserChoice=Type your choice: "
if "!UserChoice!"=="1" (
echo Executing 32 bit sequence...
echo Regsvr32.exe /u C:\Windows\System32\MSCOMCTL.OCX
echo REN C:\Windows\System32\MSCOMCTL.OCX MSCOMCTL.bak
xcopy C:\install\MSCOMCTL.OCX C:\Windows\System32 folder
Regsvr32.exe C:\Windows\System32\MSCOMCTL.OCX
Regsvr32.exe /u C:\Windows\System32\MSCOMCTL.OCX
del "C:\Windows\System32\ MSCOMCTL.OCX"
echo REN "C:\Windows\System32\MSCOMCTL.bak" "MSCOMCTL.OCX"
Recho Regsvr32.exe C:\Windows\System32\MSCOMCTL.OCX
shutdown.exe /r /t 00
)
if "!UserChoice!"=="2" (
echo Regsvr32.exe /u C:\Windows\SYSWOW64\MSCOMCTL.OCX
echo REN "C:\Windows\SYSWOW64\MSCOMCTL.OCX" "MSCOMCTL.bak"
xcopy C:\install\MSCOMCTL.OCX C:\Windows\SYSWOW64 folder
Regsvr32.exe C:\Windows\SYSWOW64\MSCOMCTL.OCX
Regsvr32.exe /u C:\Windows\SYSWOW64\MSCOMCTL.OCX
del "C:\Windows\SYSWOW64\ MSCOMCTL.OCX"
echo REN "C:\Windows\SYSWOW64\MSCOMCTL.bak" "MSCOMCTL.OCX"
echo Regsvr32.exe C:\Windows\SYSWOW64\MSCOMCTL.OCX
REM... shutdown.exe /r /t 00
)
if not "!UserChoice!"=="1" (
echo toto3
if not "!UserChoice!"=="2" (
echo toto4
echo Unknown input ... Aborting script
endlocal
exit /B 400
)
)
)
endlocal
I have simplified your entire script structure so as not to require parenthesised blocks, or the need to delay expansion:
#Echo Off
If Defined $ecbId GoTo :EOF
Echo Welcome to the ADaPT
Choice /C CQ /M "Continue or Quit"
If ErrorLevel 2 GoTo :EOF
Set "Dest=TEM32"
Set PROCESSOR_ARCHITE|Find "64">Nul&&(Set Dest=WOW64)
Set "Dest=%SYSTEMROOT%\SYS%Dest%"
Echo Executing sequence . . .
RegSvr32 /U "%Dest%\MSCOMCTL.OCX"
Rem To backup and replace MSCOMCTL.OCX:
Rem Uncomment the next three unRemarked lines
Rem and comment the next three unRemarked lines below them.
::Del /A /F "MSCOMCTL.bak" 2>Nul
::Ren "%Dest%\MSCOMCTL.OCX" "MSCOMCTL.bak"
::XCopy "C:\install\MSCOMCTL.OCX" "%Dest%"
Rem To recover MSCOMCTL.OCX from the backup:
Rem Comment the next three unRemarked lines
Rem and uncomment the previous three unRemarked lines above them.
If Not Exist "MSCOMCTL.bak" RegSvr32 "%Dest%\MSCOMCTL.OCX" & GoTo :EOF
Del /A /F "%Dest%\MSCOMCTL.OCX"
Ren "%Dest%\MSCOMCTL.bak" "MSCOMCTL.OCX"
RegSvr32 "%Dest%\MSCOMCTL.OCX"
ShutDown /R /T 0 /D P:2:4
Notes:It is probably safe to delete lines 3 and empty line 4, I left them in only because no explanation was provided as to the purpose of the %$ecbId% variable value comparison.I have added Remarks for toggling the script for the backup or recovery methods, but not knowingly altered any of your command sequence, (I have however added the /A and /F options with Del, just in case, and included the /D option with ShutDown to ensure that the logs show it as a planned shutdown event).
I have the following batch script to make life easier at work.
Here is what it is supposed to work:
1- Drag and drop some file onto the .bat
2- Choose file's destination on the "menu"
3- Script copy's files to destination folder
4- Script executes remote procedure (that's the PSexec line)
5- Script copy's the result of the remote procedure to other folders.
And this works fine... except for a "small" detail with which i need some help.
When i try to copy the network location \10.250.39.116\d%... if i haven't previously logged into that machine it wont work.
I've been looking into the 'net use' command to overcome this, but i'm not sure if it suits my needs.
There are a total of 4 different machines i need to authenticate, dependent on the choice of the menu.
Actual Question:
Can i log in to such machines with the batch, and avoid creating duplicate connections every time i run the script ? If so, how?
Thank you for your time!
:)
I know the paths I have all point to the same place :)
#echo off
setlocal enabledelayedexpansion
ECHO.
ECHO ...............................................
ECHO PRESS 1, 2 OR 3 to select your task, or 4 to EXIT.
ECHO ...............................................
ECHO.
ECHO 1 - Compilar em Qualidade
ECHO 2 - Compilar na HSDEV
ECHO 3 - Compilar nas DEMOS
ECHO 4 - EXIT
ECHO.
SET /P M=Type 1, 2, 3, or 4 then press ENTER:
IF %M%==1 GOTO :QUAL
IF %M%==2 GOTO :HSDEV
IF %M%==3 GOTO :DEMO
IF %M%==4 GOTO EOF
:QUAL
set "PathForms6=\\10.250.39.116\d$\GLINTTHSIAS\GLINTTHS\compilador\fmb6i\GH\"
set "PathForms10=\\10.250.39.116\d$\GLINTTHSIAS\GLINTTHS\compilador\fmb10\GH\"
set PathCompilador=\\10.250.39.116 -u Administrator -p Password1 cmd "/C d: & cd d:\GLINTTHSIAS\GLINTTHS\compilador & GH_PRIV_10_02_Forms.bat"
set PathDestinoPriv=\\10.250.39.116\d$\GLINTTHSIAS\GLINTTHS\PRIV\GH
set PathDestinoPub=\\10.250.39.116\d$\GLINTTHSIAS\GLINTTHS\PUB\GH
goto :PROCESSA
goto EOF
:HSDEV
set "PathForms6=\\10.250.39.116\d$\GLINTTHSIAS\GLINTTHS\compilador\fmb6i\GH\"
set "PathForms10=\\10.250.39.116\d$\GLINTTHSIAS\GLINTTHS\compilador\fmb10\GH\"
set PathCompilador=\\10.250.39.116 -u Administrator -p Password1 cmd "/C d: & cd d:\GLINTTHSIAS\GLINTTHS\compilador & GH_PRIV_10_02_Forms.bat"
set PathDestinoPriv=\\10.250.39.116\d$\GLINTTHSIAS\GLINTTHS\PRIV\GH
set PathDestinoPub=\\10.250.39.116\d$\GLINTTHSIAS\GLINTTHS\PUB\GH
goto :PROCESSA
goto EOF
:DEMO
set "PathForms6=\\10.250.39.116\d$\GLINTTHSIAS\GLINTTHS\compilador\fmb6i\GH\"
set "PathForms10=\\10.250.39.116\d$\GLINTTHSIAS\GLINTTHS\compilador\fmb10\GH\"
set PathCompilador=\\10.250.39.116 -u Administrator -p Password1 cmd "/C d: & cd d:\GLINTTHSIAS\GLINTTHS\compilador & GH_PRIV_10_02_Forms.bat"
set PathDestinoPriv=\\10.250.39.116\d$\GLINTTHSIAS\GLINTTHS\PRIV\GH
set PathDestinoPub=\\10.250.39.116\d$\GLINTTHSIAS\GLINTTHS\PUB\GH
goto :PROCESSA
goto EOF
:PROCESSA
set argCount=0
for %%x in (%*) do (
set /A argCount+=1
set "argVec[!argCount!]=%%~nx"
set "pathVec[!argCount!]=%%~dpx"
)
rem echo Number of processed arguments: %argCount%
for /L %%i in (1,1,%argCount%) do (
echo Vou compilar %%i - "!argVec[%%i]!"
if exist %PathForms6%!argVec[%%i]!.* del /q %PathForms6%!argVec[%%i]!.*
if exist %PathForms10%!argVec[%%i]!.* del /q %PathForms10%!argVec[%%i]!.*
robocopy "!pathVec[%%i]!." %PathForms6% !argVec[%%i]!.fmb > nul
)
c:
cd c:\pstools
psexec %PathCompilador%
for /L %%i in (1,1,%argCount%) do (
if exist "%PathForms10%!argVec[%%i]!.fmx" (
xcopy %PathForms10%!argVec[%%i]!.fmx %PathDestinoPriv% /y
xcopy %PathForms10%!argVec[%%i]!.fmx %PathDestinoPub% /y)
)
pause
How much testing have you done with net use? Try running it twice at the command line. Notice how the output changes at the second running:
As you can see, where a connection has already been established, net use will output a summary of the connection rather than creating a duplicate connection.
If you prefer, you could use conditional execution or errorlevel checking. Using this method, you can avoid calling net use until xcopy fails, which should only be the first time. Here's a short example, simply to illustrate the mechanics:
#echo off
setlocal
ping -n 1 10.250.39.116 | find /i "TTL=" >NUL || (
echo 10.250.39.116 is offline. Unable to continue. Press any key to exit.
pause >NUL
goto :EOF
)
call :xcopy "%~1" "destination"
echo Press any key to exit.
pause >NUL
net use \\10.250.39.116\d$ /delete >NUL 2>NUL
goto :EOF
:xcopy <source> <dest_dir>
xcopy /L "%~1" "%~2" 2>NUL || (
net use \\10.250.39.116\d$ /user:username password >NUL 2>NUL
xcopy /L "%~1" "%~2"
)
goto :EOF
Will this work on Windows 8 and always work? I've tested it on Windows 7 but I'm not sure... I had a friend test it and he said that it coudn't find the correct path but I checked and the syntax of the commands is the same and I don't know why there'd be a problem. This is assuming %USERPROFILE%\Documents\My Games\Terraria\Players and %USERPROFILE%\Google Drive exists already
#echo off
echo Administrative permissions required. Detecting permissions...
net session >nul 2>&1
if %errorLevel% == 0 (
echo Success: Administrative permissions confirmed.
) else (
echo Failure: Current permissions inadequate. Please run as administatior.
pause >nul
exit
)
echo ---------------------------------------------
echo Below enter "S" for simple install type or "A" for avanced install type.
echo (Simple is recommended, only use advanced if you know what your doing!)
echo ---------------------------------------------
set /p option=Enter:
if /i "%option%"=="S" goto simple
if /i "%option%"=="A" goto advanced
echo Your entry did not match available options. Try again.
pause >nul
exit
:simple
mklink /d "%USERPROFILE%\Google Drive\Terraria" "%USERPROFILE%\Documents\My Games\Terraria\Players"
cd %USERPROFILE%\Google Drive\Terraria\
copy /y NUL marker >nul
cd %USERPROFILE%\Documents\My Games\Terraria\Players
if exist marker (
echo Validation of installation complete. Symbolic link functional.
del marker
) else (
echo SOMETHING WENT WRONG!!!!!!!!
)
echo ==============
echo You Selected Simple. & echo.If there are no errors above, your installation should be complete.
echo ==============
pause >nul
exit
:advanced
mkdir "%USERPROFILE%\Google Drive\Terraria"
mklink /d "%USERPROFILE%\Google Drive\Terraria\Players" "%USERPROFILE%\Documents\My Games\Terraria\Players"
cd %USERPROFILE%\Google Drive\Terraria\Players
copy /y NUL marker >nul
cd %USERPROFILE%\Documents\My Games\Terraria\Players
if exist marker (
echo Validation of installation complete. Symbolic link functional.
del marker >nul
) else (
echo SOMETHING WENT WRONG!!!!!!!!
)
echo ==============
echo You Selected Advanced. & echo.If there are no errors above, your installation should be complete.
echo ==============
pause >nul
exit
If delivered that all paths exist....
mklink command was introduced in Vista so the script won't work on XP/2003.
I have an issue and can't seem to see where I am going wrong.
I have this code, that is meant to loop through a text file, and look at the last word of the line to see if the user at the start of the line should receive elevated access to their assigned laptop.
However the code just runs through once, and then exits.
#echo off
cls
echo.
echo The following script will process the entire list of students, giving each
echo student administration rights to the laptop and set the laptop description
echo where necessary.
echo.
pause
cls
FOR /F "tokens=1-6 delims=," %%a IN (accesselevations.txt) DO (
set School1=%%a
set LaptopID=%%b
set Model1=%%c
set Serial1=%%d
set User1=%%e
set Access1=%%f
If /i "%%f" EQU "Admin" goto Elevate2
If /i "%%f" EQU "NoAdmin" goto NoElevate2
:Elevate2
set Desc1=!School1! - !LaptopID! - !Model1! - !Serial1! - !User1!
echo.
echo Now creating local admin account for !user! on !LaptopID!
echo.
echo Description: !Desc1!
echo.
pause
psexec \\!LaptopID! -u GBN\!ocusr! -p !ocpw! -n 10 -e net localgroup Administrators "GBN\!User1!" /add
psexec \\!LaptopID! -u GBN\!ocusr! -p !ocpw! -n 10 -e net config server /srvcomment:"!Desc1!"
:NoElevate2
cls
Echo.
Echo User !user1! is not allowed Local Administrator rights on !LaptopID!.
pause
)
pause
:End
The file AccessElevations has confidential data in it so I am not able to post it unfortunately, however it contains something like this
School,WorkstationID,LaptopModel,LaptopSerial,StudentUsername,AdminOrNot
School,WorkstationID,LaptopModel,LaptopSerial,StudentUsername,AdminOrNot
School,WorkstationID,LaptopModel,LaptopSerial,StudentUsername,AdminOrNot
School,WorkstationID,LaptopModel,LaptopSerial,StudentUsername,AdminOrNot
...and so-on.
I hope I have given enough information, I'm fairly new here.
Thanks in advance for any light you can spread on the issue.
Toby
Use setlocal enabledelayedexpansion or you won't able to use exclamation point on variables.
Close your FOR loop before Elevate2
Change this:
If /i "%%f" EQU "Admin" goto Elevate2
If /i "%%f" EQU "NoAdmin" goto NoElevate2
To:
If /i "%%f" EQU "Admin" (CALL:Elevate2) else (CALL:NoElevate2)
Using CALL command, your script will return to the end of FOR loop after elevation operation is done, GOTO command connot do this.
Put exit/b before :NoElevate2, otherwise your script won'r return to CALL command point.
Your code should be like this:
#echo off
setlocal enabledelayedexpansion
cls
echo.
echo The following script will process the entire list of students, giving each
echo student administration rights to the laptop and set the laptop description
echo where necessary.
echo.
pause
cls
FOR /F "tokens=1-6 delims=," %%a IN (accesselevations.txt) DO (
set School1=%%a
set LaptopID=%%b
set Model1=%%c
set Serial1=%%d
set User1=%%e
set Access1=%%f
If /i "%%f" EQU "Admin" (CALL:Elevate2) else (CALL:NoElevate2))
:Elevate2
set Desc1=!School1! - !LaptopID! - !Model1! - !Serial1! - !User1!
echo.
echo Now creating local admin account for !user! on !LaptopID!
echo.
echo Description: !Desc1!
echo.
pause
psexec \\!LaptopID! -u GBN\!ocusr! -p !ocpw! -n 10 -e net localgroup Administrators "GBN\!User1!" /add
psexec \\!LaptopID! -u GBN\!ocusr! -p !ocpw! -n 10 -e net config server /srvcomment:"!Desc1!"
exit/b
:NoElevate2
cls
Echo.
Echo User !user1! is not allowed Local Administrator rights on !LaptopID!.
pause
exit/b
:End
#echo off
setlocal
cls
echo.
echo The following script will process the entire list of students, giving each
echo student administration rights to the laptop and set the laptop description
echo where necessary.
echo.
pause
cls
FOR /F "tokens=1-6 delims=," %%a IN (accesselevations.txt) DO (
set School1=%%a
set LaptopID=%%b
set Model1=%%c
set Serial1=%%d
set User1=%%e
set Access1=%%f
If /i "%%f" EQU "Admin" CALL :Elevate2
If /i "%%f" EQU "NoAdmin" CALL :NoElevate2
)
GOTO :EOF
:Elevate2
set Desc1=%School1% - %LaptopID% - %Model1% - %Serial1% - %User1%
echo.
echo Now creating local admin account for %user1% on %LaptopID%
echo.
echo Description: %Desc1%
echo.
ECHO psexec \\%LaptopID% -u GBN\%ocusr% -p %ocpw% -n 10 -e net localgroup Administrators "GBN\%User1%" /add
ECHO psexec \\%LaptopID% -u GBN\%ocusr% -p %ocpw% -n 10 -e net config server /srvcomment:"%Desc1%"
GOTO :eof
:NoElevate2
Echo.
Echo User %user1% is not allowed Local Administrator rights on %LaptopID%.
GOTO :EOF
Notes:
setlocal added to ensure environment does not get polluted by a run
Doesn't appear to be much point in setting Access1 since it isn't used.
CALL :routine rather than goto - Not a ood idea to goto within a block as some cmd versions appear to work differently. Colon is required for running internal subroutine
Within internal subroutines, can use %var% since these run in their own context.
!var! syntax is only effective when invoked by setlocal enabledelayedexpansion (not executed in original batch.)
psexec commands simply ECHOed. Need to remove the preceding echo to execute the psexec
Shouldn't a 'remove privileges' routine be applied for 'Nodamin' ?
!user! changed to %user1% in :elevate2 since user1 is established by the loop, not user.
Suitable datafile used for testing was:
School1,Workstation1ID,Laptop1Model,Laptop1Serial,Student1Username,Admin
School2,Workstation2ID,Laptop2Model,Laptop2Serial,Student2Username,NoAdmin
School3,Workstation3ID,Laptop3Model,Laptop3Serial,Student3Username,Admin
School4,Workstation4ID,Laptop4Model,Laptop4Serial,Student4Username,NoAdmin
not that hard to construct - could easily be done with a prettier version by substituting for names and other sensitive information.