XPost: alt.msdos.batch

Due to the strange ways that Windows works, all I want is to permanently
have the "Show more details" working whenever I "Run as administrator" any given "*.bat" file that I select, en masse, to run.

Is there an option checkbox in the registry perhaps to always "Show more details" when running a batch file as administrator in Windows 10?

A confluence of Windows peculiar traits is only why I need that option.
That is, I don't "want" that option - I just want it as a workaround.

[1] Windows, when I select a handful of files to right click and execute,
I can never tell the _order_ that those files will be executed
(as Windows has its own peculiarities on how it orders files).

[2] The batch file has to have administrator permission because it changes
the routing table but a Windows particular is that there isn't any
known way to set that user _inside_ the batch file itself, such as:
RunThisBatchFileAsAdministrator = YES

[3] Not every batch file will work (as they're running network commands)
but _one_ of those batch files will always end up working. Therefore
the problem is figuring out, after the fact, which batch file it was.

All of these issues are caused purely by Windows particular quirks which is
why I want to have "Show more details" on by default.

But what would negate the need for that would be a command that I could put _inside_ the batch file that says "RunMeAsAdminPlease = YES" if that
exists.

Or, some way to make _all_ batch files run as Administrator, although that
has the obvious security risk so I just want to have the command inside if
I can.

But if there is no command that tells Windows to run the batch file as administrator, then at least tell me which of the many batch files it was.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.msdos.batch

On 1/28/2023 10:03 PM, Thomas wrote:

Due to the strange ways that Windows works, all I want is to permanently
have the "Show more details" working whenever I "Run as administrator" any given "*.bat" file that I select, en masse, to run.

Is there an option checkbox in the registry perhaps to always "Show more details" when running a batch file as administrator in Windows 10?

A confluence of Windows peculiar traits is only why I need that option.
That is, I don't "want" that option - I just want it as a workaround.

[1] Windows, when I select a handful of files to right click and execute,
I can never tell the _order_ that those files will be executed
(as Windows has its own peculiarities on how it orders files).

[2] The batch file has to have administrator permission because it changes
the routing table but a Windows particular is that there isn't any
known way to set that user _inside_ the batch file itself, such as:
RunThisBatchFileAsAdministrator = YES

[3] Not every batch file will work (as they're running network commands)
but _one_ of those batch files will always end up working. Therefore
the problem is figuring out, after the fact, which batch file it was.

All of these issues are caused purely by Windows particular quirks which is why I want to have "Show more details" on by default.

But what would negate the need for that would be a command that I could put _inside_ the batch file that says "RunMeAsAdminPlease = YES" if that
exists.

Or, some way to make _all_ batch files run as Administrator, although that has the obvious security risk so I just want to have the command inside if
I can.

But if there is no command that tells Windows to run the batch file as administrator, then at least tell me which of the many batch files it was.

look at https://nircmd.nirsoft.net/runas.html
Or
run using TaskScheduler: SCHTASKS /RUN /TN <task name> set for highest privileges

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.msdos.batch

On 1/28/2023 10:03 PM, Thomas wrote:

Due to the strange ways that Windows works, all I want is to permanently
have the "Show more details" working whenever I "Run as administrator" any given "*.bat" file that I select, en masse, to run.

Is there an option checkbox in the registry perhaps to always "Show more details" when running a batch file as administrator in Windows 10?

A confluence of Windows peculiar traits is only why I need that option.
That is, I don't "want" that option - I just want it as a workaround.

[1] Windows, when I select a handful of files to right click and execute,
I can never tell the _order_ that those files will be executed
(as Windows has its own peculiarities on how it orders files).

[2] The batch file has to have administrator permission because it changes
the routing table but a Windows particular is that there isn't any
known way to set that user _inside_ the batch file itself, such as:
RunThisBatchFileAsAdministrator = YES

[3] Not every batch file will work (as they're running network commands)
but _one_ of those batch files will always end up working. Therefore
the problem is figuring out, after the fact, which batch file it was.

All of these issues are caused purely by Windows particular quirks which is why I want to have "Show more details" on by default.

But what would negate the need for that would be a command that I could put _inside_ the batch file that says "RunMeAsAdminPlease = YES" if that
exists.

Or, some way to make _all_ batch files run as Administrator, although that has the obvious security risk so I just want to have the command inside if
I can.

But if there is no command that tells Windows to run the batch file as administrator, then at least tell me which of the many batch files it was.

look at https://nircmd.nirsoft.net/runas.html
Or
run using TaskScheduler: SCHTASKS /RUN /TN <task name> set for highest privileges

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.msdos.batch

On 28-01-2023 22:03 Thomas <canope234@gmail.com> wrote:

But if there is no command that tells Windows to run the batch file as administrator, then at least tell me which of the many batch files it was.

There is.

First see if you have secure logon enabled.
PS] Get-Service seclogon

Second enable seclogon if it's not already enabled.
PS] Start-service seclogon

Third take a look at the existing key credentials
C:] c:\windows\system32\rundll32.exe keymgr.dll, KRShowKeyMgr

Fourth save the administrator password into the key credentials store
C:] c:\windows\system32\runas.exe /user:administrator /savecred "C:\Windows\System32\cmd.exe"
Enter the password for administrator:

Fifth is to run any command as admin without entering any password
C:] c:\windows\system32\runas.exe /user:administrator /readcred "C:\Windows\System32\cmd.exe"

Sixth, replace "C:\Windows\System32\cmd.exe" with your batch file
C:] c:\windows\system32\runas.exe /user:administrator /readcred "C:\yourpath\yourfile.bat"

https://woshub.com/run-program-as-different-user-windows/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.msdos.batch

On Sunday, January 29, 2023 at 4:15:11 AM, Zaidy036 wrote:

look at https://nircmd.nirsoft.net/runas.html
Or
run using TaskScheduler: SCHTASKS /RUN /TN <task name> set for highest privileges

I understand the task scheduler method since I've used it before but that's
not all that feasible in this case only because the files are numerous and constantly changing. I guess I could come up with a task scheduler method
that uses an infinite variable but the other method seems more appropriate.

I had never heard of runas, and when I googled about it, I quickly realized that runas.exe is a standard command native on Windows 10 in System32.
C:\Windows\System32\runas.exe /?

Unfortunately none of the examples in that manpage for runas worked for me
but the only one that applied was their first example as I have no domain
and everything is a local account so only the first syntax example applied.
runas /noprofile /user:mymachine\administrator cmd
runas /profile /env /user:mydomain\admin "mmc %windir%\system32\dsa.msc"
runas /env /user:user@domain.microsoft.com "notepad \"my file.txt\""

But every attempt at replicating that manpage syntax failed for me such as
runas /noprofile /tom:mypc\administrator "C:\Windows\System32\cmd.exe"

The runas syntax example at Nirsoft also didn't work for me
https://nircmd.nirsoft.net/runas.html
But maybe that's what the nircmd is supposed to do for me? I don't know.
runas admin1 Password1 "F:\Program Files\Mozilla Firefox\firefox.exe"

Substituting "administrator" and the password of "xyz" in the above failed
runas administrator xyz "C:\Windows\System32\cmd.exe"

All sorts of subsequent syntax "guesses" didn't work for me either, such as
runas user:administrator password:xyz "C:\Windows\System32\cmd.exe"

But a guess that finally worked inside my variabled batch scripts was this.
runas /user:administrator "%command% %dir%%file%"

However that asked for the administrator password every time it was run
(which isn't necessarily a bad thing, mind you, but that's what it did).

With the help of the other poster to this thread I added the "save
credentials" option, which sometimes? negated the need for the password.
runas /user:administrator /savecred "%command% %dir%%file%"

I don't know if it mattered but by default secondary logon services are stopped, but for the test I started them but they stop after rebooting.
http://revertservice.com/10/seclogon/
powershell
Get-Service seclogon
Status Name DisplayName
------ ---- -----------
Stopped seclogon Secondary Logon

Start-Service seclogon
Status Name DisplayName
------ ---- -----------
Running seclogon Secondary Logon

I don't yet know if I even needed to allow secondary login services above
but then when I created a shortcut with my desired command as the target
target = runas /user:administrator /savecred "C:\path-to\myfile.bat"
it asked for the administrator password the first time but then it didn't
ask for the administrator password (most of?) the subsequent times run.

But of course, this has the obvious security hole, which, I'm not sure I'm worried about as I'm the only user, but it makes it easy to run anything
as administrator now that the administrator password can be loaded with
/savecred

Now back to NirSoft, since all that above happened without using NirCmd.

I've used NirSoft tools (mostly to change context menus) but what I can't
for the life of me understand is what does the "nircmd" have to do with
"runas" since the runas command works all by itself in any batch file?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.msdos.batch

On Saturday, January 28, 2023 at 7:16:03 PM, Zaidy036 wrote:

look at https://nircmd.nirsoft.net/runas.html

I'm confused because this is new to me as of the last few hours so any help
is appreciated where I couldn't for the life of me figure out what NirCmd
has to do with what eventually worked for me (sort of it worked anyway).

Assuming the password for the local administrator account is "xyz",
this command should work for anyone who tests it inside a user shell.
runas.exe /user:administrator "C:\Windows\System32\cmd.exe"

Changing that to this only asks for the administrator the first time.
runas.exe /user:administrator /savecred "C:\Windows\System32\cmd.exe"

Either way, that syntax can be tested by everyone using these examples.

[1] This will open up an admin command shell from the Windows Run shortcut.
win+r > runas.exe /user:administrator "C:\Windows\System32\cmd.exe"
or
win+r > runas.exe /user:administrator /savecred "C:\Windows\System32\cmd.exe"

[2] That same command also works as a target inside a Windows shortcut.
target = runas.exe /user:administrator "C:\Windows\System32\cmd.exe"
or
target = runas.exe /user:administrator /savecred "C:\Windows\System32\cmd.exe"

[3] That same command works as the first line inside any user batch file
where, to illustrate, I created the two-line "admin.bat" as below.
@echo off
runas.exe /user:administrator "C:\Windows\System32\cmd.exe"
or
@echo off
runas.exe /user:administrator /savecred "C:\Windows\System32\cmd.exe"

Since /savecred has a big security issue, I'll probably NOT use it, but
then I have to type in the administrator password every time where right clicking to "Run as administrator" doesn't need to type in the password.

I wrote those above so anyone could test this out on their machine as all
those syntaxes should work for everyone on Windows 10, should they not?

If they test these commands as I wrote them above (just paste them in), can someone explain to me where the NirSof NirCmd applies here? I'm confused.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.msdos.batch

On Saturday, January 28, 2023 at 10:51:01 PM, mike wrote:

First see if you have secure logon enabled.
PS] Get-Service seclogon

Thank you for bringing up secondary login services, which for me were
"Stopped" but I started the service according to your instructions.
http://revertservice.com/10/seclogon/
powershell
Get-Service seclogon
Status Name DisplayName
------ ---- -----------
Stopped seclogon Secondary Logon

Start-Service seclogon
Status Name DisplayName
------ ---- -----------
Running seclogon Secondary Logon

I ran all my tests yesterday with the secondary services turned on
but when I rebooted this morning they were stopped & I left them.

The "runas" command seems to work without secondary logon services so
I don't know if the service needs to be running or not either way.

Third take a look at the existing key credentials
C:] c:\windows\system32\rundll32.exe keymgr.dll, KRShowKeyMgr

OMG! There are a ton of "things" that show up there when I run that!
C:\Windows\System32\rundll32.exe keymgr.dll, KRShowKeyMgr
What are all those listed "credentials" doing there & what for?

I deleted all of them, and then I was worried that I had accidentally
deleted my own login and perhaps that of administrator but both worked
when I rebooted this morning, thank God.

But what ARE all those many odd unknown "credentials" that showed up?
Where'd they come from?

Does everyone have a bunch of "credentials" (whatever that means) there?
What's a credential?

Fourth save the administrator password into the key credentials store
C:] c:\windows\system32\runas.exe /user:administrator /savecred "C:\Windows\System32\cmd.exe"
Enter the password for administrator:

This is the command that finally worked inside my batch file and the same command worked as the target line of a Windows *.lnk shortcut command. https://www.howtogeek.com/124087/how-to-create-a-shortcut-that-lets-a-standard-user-run-an-application-as-administrator/

Fifth is to run any command as admin without entering any password
C:] c:\windows\system32\runas.exe /user:administrator /readcred "C:\Windows\System32\cmd.exe"

I couldn't find the option for "readcred" but all the documentation I found said just to keep using "savecred" which, I guess, reads the credentials if they're already saved (that's what the confusing documentation indicates). https://superuser.com/questions/581548/runas-savecred-ask-for-password-if-another-user-runs-the-same-batch-file

Sixth, replace "C:\Windows\System32\cmd.exe" with your batch file
C:] c:\windows\system32\runas.exe /user:administrator /readcred "C:\yourpath\yourfile.bat"

https://woshub.com/run-program-as-different-user-windows/

I also found a program called "RunAsRob" which says it will "manage and
start a program with administrator rights from a user account." https://robotronic.net/blogenRunasSavecred.html

But I haven't tested "RunAsRob" out, nor have I figured out how the NirCmd NirSoft command plays any role - so I ask for more help in solving this.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)