How do I get current logged in user name when running a batch file as administrator


It runs fine when the current user has local admin privileges, but for users who aren't I have to enter the domain administrator password for the changes to take place.

With the below example, you just set a variable from the environment variables you already have in your ICACLS command logic, and then use that variable to specify the account to grant the applicable permissions, passing it to a CALL routine.

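@ECHO OFF
REM Capture the logged-on user before anything runs under another account.
SET Identity=%userdomain%\%username%
CALL :ICACLS "%Identity%"
GOTO :EOF

:ICACLS
REM runas takes the command as one quoted argument; inner quotes are escaped as \".
runas /user:MYDOMAIN\USER "icacls \"program files directory\" /grant %~1:F"
GOTO :EOF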

If you have trouble

If you're running cmd.exe with RUNAS and you determine the %userdomain%\%username% variables don't set (or list) the expected values which you need to use for the ICACLS commands to work as expected, then run the below commands in cmd.exe before using the RUNAS functionality to find the current logged on domain and username credential values which you can then use with the ICACLS commands for setting the permissions for that identity\security principal.

SET Identity=%userdomain%\%username%
ECHO %Identity%
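
An added example, not part of the original answer: it captures the identity before RUNAS, stops if the script was itself started under the administrator account (the case described in the comments, where the grant lands on the admin), and reads the ACL back to confirm the entry. MYDOMAIN\USER and "program files directory" are the page's placeholders; the variable names, the PAUSE and the FINDSTR check are assumptions of this example.

```batch
@ECHO OFF
SETLOCAL
REM Placeholders from the page; replace with the real account and folder.
SET "ADMIN_ACCOUNT=MYDOMAIN\USER"
SET "TARGET=program files directory"

REM Capture the interactive user BEFORE runas. Inside the runas process
REM these variables describe the administrator account instead.
SET "Identity=%USERDOMAIN%\%USERNAME%"

REM If the whole script was started as the admin account, the grant would
REM land on the administrator rather than on the logged-on user.
IF /I "%Identity%"=="%ADMIN_ACCOUNT%" (
    ECHO Running as %ADMIN_ACCOUNT%; start this script as the logged-on user.
    EXIT /B 1
)

ECHO Granting access on "%TARGET%" to %Identity%
REM runas takes the whole command as ONE quoted argument; inner quotes are \".
runas /user:%ADMIN_ACCOUNT% "icacls \"%TARGET%\" /grant \"%Identity%\":F"

REM runas returns once icacls has been started, so wait before reading back.
ECHO Press a key after the icacls window has closed.
PAUSE >NUL

REM Verify that the ACL now contains an entry for the captured identity.
icacls "%TARGET%" | FINDSTR /I /L /C:"%Identity%:" >NUL
IF ERRORLEVEL 1 (
    ECHO No ACL entry found for %Identity% on "%TARGET%".
    EXIT /B 1
)
ECHO ACL entry for %Identity% is present.
EXIT /B 0
```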

Author by

Kustomize

Updated on September 18, 2022

Comments

  • Kustomize
    Kustomize over 1 year

    I have a batch file I can run to modify permissions to a folder in program files. It runs fine when the current user has local admin privileges, but for users who aren't I have to enter the domain administrator password for the changes to take place. When I double check the permissions setting on the folder, it shows the domain admin having full control over said folder.

    How do I ensure that the current user logged in to Windows gets full permission?

    This is what I have as part of that batch file:

    icacls "program files directory" /grant %userdomain%\%username%:F
    
  • Kustomize
    Kustomize almost 8 years
    I've tried this and it did not work; the domain admin still has full permission over the folder. It is caused by having to run the bat as administrator, so the identity variable is still set to local admin.
  • Kustomize
    Kustomize almost 8 years
    I need to set it as a variable, then use that variable when setting folder permissions. I've been toying with runas calling a bat file and passing the identity variable as a parameter but to no success.
  • Kustomize
    Kustomize almost 8 years
    That is one solution. However it also requires user group management and from an administrative point of view it is not necessary to know who has access rights to the folder, so long as the local user has full read/write over a folder in their program files directory. I can't move the folder as it is the default installation path of a proprietary software. I will use this solution for now until I can find a quicker way setting permissions.
  • Kustomize
    Kustomize almost 8 years
    @JUICE_IT Security was never a concern, it was simply giving a local user full access to a folder on their own drive. But I managed to solve my problem, by combining set identity=xxx with this answer I was able to pass identity as a parameter.
  • Vomit IT - Chunky Mess Style
    Vomit IT - Chunky Mess Style almost 8 years
    @JarirS Great, you should be able to set the variable and then pass that as an argument to a routine in the same batch script as well then with that routine having the RUNAS logic keeping the identity per the RUNAS command is run. That should work to keep it all contained to the same one script -- I edited my answer to show you an example.