How. Cmd file run as admin using sccm

Question
  • Using sccm package/application deployment how to run a *.cmd as a administrative privilege. I have tested the cmd file run as admin manually it works.
solved 0
Amit laha 5 months 11 Answers 108 views Beginner 0

Answers ( 11 )

  1. Hi Amit,

    Did you tried to deploy the package by using SCCM Standard Task Sequences,

    You can add runas account for application or cmd line step in Task Sequences, i think this will helps you to run the cmd with Admin account

    Best answer
  2. I don’t understand why we are jumping to GPO or Package directly when we have CI which is the most effective method so far to perform registry modification. The success level is near 99.3 % if the SCCM Agent is healthy on client machines.

  3. Hello Amit,

    You could try to add cmd /c before each command line.

    Like This —

    cmd /c reg add “HKLMsoftwaremicrosoftccmsecurity” /v clientAlwaysOninternet /t REG_DWORD /d “1” /f

    cmd /c net stop CcmExec
    cmd /c TIMEOUT /t 8 /NOBREAK
    cmd /c net start CcmExec

    Also tried to Add in Package > Program > General Tab- Command line : cmd.exe /C “FileName.bat”

    I’m assuming the registry isn’t present in target devices, If Its already there with Your command Its overriding. You had confirmed Its working manually.

    Please let us Update with Results..

    Why need to add cmd /c [Microsoft Note] – Add cmd /c to the start of the command line. If you don’t specify cmd /c, the command won’t close after it runs. The deployment continues to wait for the command to finish and won’t start any other configured commands or actions.

  4. Take this commands you have written and save it as a .bat file aka Batch File.

    @echo off
    reg add “HKLMsoftwaremicrosoftccmsecurity” /v clientAlwaysOninternet /t REG_DWORD /d “1” /f
    net stop “CcmExec”
    TIMEOUT /t 8 /NOBREAK
    net start “CcmExec”

    Create an application in SCCM and deploy it with a command like like: cscript.exe nameofbatchfile.bat .
    Deploy to systems.

  5. Hi Amit,
    May be you can explain more what you are trying to achieve ?
    What is configured in Program Environment ? To run with Admin rights or users rights
    In SCCM the installer ( .msi / .cmd / .bat /etc.. ) all run in SYSTEM account context unless your package is explicitly defined to run with users rights.

    • Hello ,
      Actually i want to change one registry value (hklmsoftwaremicrosoftccmsecurity
      clientAlwaysOninternet=1) and after the want to run one service restart, so for that i have use below line in a .cmd file.

      “@echo off

      reg add “HKLMsoftwaremicrosoftccmsecurity” /v clientAlwaysOninternet /t REG_DWORD /d “1” /f

      net stop “CcmExec”
      TIMEOUT /t 8 /NOBREAK
      net start “CcmExec” ”

      Hosted as a package and in Environment Tab -Program can run ‘whether or Not a user logged in’ and Select ‘Run with Administrative Rights’

      • In this case, I would rather use Group Policy to set this registry key so that its not depended on any deployment.

        The problem is you are restarting the CCMexec service, the service which is responsible to carry out the task and report the status.

        Please try on one machine WITHOUT restart CCMExec service and see if reg changes are applied

        Another option is to try using REG IMPORT or PowerShell command line, if you still want to make the changes through SCCM

        • Thanks for your reply.

          I have tried without restarting the service but still reg settings not changing . If i tried to run the *.CMD file in normal command line it showing access denied and if i run the command prompt as administrator it’s executing successfully. that’s why i am thinking it related to permission issue.

Leave an answer

Sorry, you do not have a permission to answer to this question .