No zone => Windows script-foo

It's been a very "IT" kind of afternoon.

I started out the morning well, got some coding done, and was in "the zone" up until about 10:50. The then fire alarm went off. I don't know why, because there wasn't any major fire. Maybe it was a drill/test, maybe some kid pulled the fire alarm. Who knows.

Anyway, I had to go stand outside in the unseasonably cold weather (it's in the 30°F range this week) for about 10 minutes. That sapped a great deal of my motivation. Then I had to stand in line for another 10 minutes while the guards checked IDs put people through the metal detector. That pretty much knocked me out of the zone for the rest of the day.

So this afternoon was devoted to Windows XP trouble-shooting, because it's reliatively brain-dead. I worked with a laptop user to finally track down a long-standing error message that had been showing up in one application. And by "track down" I mean I finally got to actually see the error message and quickly diagnosed it as a file permission problem. I would have done that a long time ago, except that these laptops have no connectivity to our network and are almost never available at a time and location where I can look at them. Plus nobody ever bothered to tell me the exact error message, which makes it a little harder to figure out what's going on. While I try to keep my skills sharp and up-to-date, I have to admit that I'm still woefully lacking in the telepathic debugging department.

cmd.pngNow that I've got that problem tracked down, I'm presented with another. This problem affects 20 odd laptops. How do I fix it on all of them without having to go around and physically touch each of them? Remote access is out, so the first obvious solution is to get the users to do it. However, that won't work because I can't give them the admin password. The second obvious solution is to pawn it off on the help desk, but they'd never go for that. After all, we operate on the "whoever touches it first is stuck with it forever" theory of assigning support tasks. Hardly an optimal algorithm, but that's the way it is and nobody with any power is willing to rock the boat.

That leaves me with one option: script that sum bitch! I might not be able to trust the users with complex instructions, but I can certainly trust them to dump some files on a flash drive and double-click an icon.

The only problem is administrator access. The Windows runas command prompts for passwords. I need something that can use a stored password from a batch file, preferably one kept in an encrypted file. Luckily, a little Googling turned up just such a tool: lsrunase. That looks like it should do the trick. Another quick Google for a Windows command reference to find the CACLS command and I should be good to go. All I need to do now is write the batch file and test it out on one of the laptops. But that'll have to wait for tomorrow.

You can reply to this entry by leaving a comment below. You can send TrackBack pings to this URL. This entry accepts Pingbacks from other blogs. You can follow comments on this entry by subscribing to the RSS feed.

Add your comments #

A comment body is required. No HTML code allowed. URLs starting with http:// or ftp:// will be automatically converted to hyperlinks.