Trying to create a task that will run a .bat file as current user

(imported topic written by flayofish91)


I’m wanting to create a task that runs a .bat file as the current user every day.

Not sure if this is the right way to do this, but here is what I am trying to achieve:

pull a file from a share and replace the existing file on the target pc.

I understand it’s practically impossible to do this as the agent runs as system.

Would these steps work around that issue?

  1. create a .bat file that:

a. maps to a share

b. copies a file from the share and replaces existing file on target pc.

c. unmaps drive.

  1. create a task in bigfix that runs the custom .bat as the local user.

  2. have the task run silently once a day when the user logs on.

The file in question changes daily (Malware Byte’s signature updates) and needs to be replaced.

Is this the right way to approach this? If so, how would the task/fixlet be written?


(imported comment written by gjeremia91)

have you considered deploying the file with bigfix instead of having the endpoints update it from a share?

You can make the file available on a web server (or even on the BES Server).

If you still wish to pursue running commands as a user then look at:

(imported comment written by flayofish91)

This file gets replaced daily. How would you propose I automate updating the file on the BigFix server daily, as there is no URL to initially download it from?

Going back to pursuing running commands as current user. Where do I place the RACU.exe file after downloading it, on the client pcs or on the server and where in the folder structure?


(imported comment written by gjeremia91)

  1. there are several methods available to validate a downloaded file, there is a process for automatically including changing content in a custom site (PropagateFiles utility, see or this option may work:
  • copy file . to webserver (or bes server “Uploads” folder in web directory

  • make a file “.sha1” in the same location that contains the sha1 of the file you want

  • download both files with “download” of “download as”

  • check sha 1 of . is the same as the content of .sha1

  • continue if {(sha1 of it = ((line 1 of file “.sha1” of folder “__Download”) as trimmed string)) of file “patch1” of folder “__Download”}

  • do whatever with file

  1. using RACU, you can either leave it where it is, make it a utility or put it in a custom location:
  • Custom location:

  • move __Download\RACU.exe “{parent folder of regapp “besclient.exe”}\RACU.exe”

  • wait “{parent folder of regapp “besclient.exe”}\RACU.exe” --w calc.exe

  • Utility:

  • utility __Download\RACU.exe

  • wait __Download\RACU.exe --w calc.exe