Jump to content

.bat file to clear logins of a specific program

I am researching the best way to create a .bat file to clear the logins of a specific program which are more than, let’s say 10 hours old. So any login less than 10 hours would be ok and not logged out. I need it to be able to be executed by AD users so they won’t have to call each time they get an error stateing there are not enough licenses available for them to login. They currently have a secondary program provided by the vendor that will do what we want, but it is currently broken and lets just say the vendor is trash and takes forever to push an update out to fix their software. Currently, we use a SQL script to clear the logins and we are trying to get that set up to execute automatically each morning. We want the .bat file as a backup though to put on the public desktop in the event that the script fails that morning and they get the license error. I’m not sure if this is the right sub forum for this or not but I will leave it here, and I will also put this in programming just in case. Any help would be appreciated. Thanks ahead of time!

Link to comment
Share on other sites

Link to post
Share on other sites

You could write a powershell script that connects to the DB and executes the SQL you want, then just allow the users to execute PS scripts, however this has a MAJOR security issue, not only will users need elevated rights to run the script they will be able to open it up and see the login credentials to the SQL server. The same is true of a .BAT file unless the .BAT just calls a library or application that contains the code. 

 

My approach would be to write a quick console app that runs the SQL command, but if you don't have programmers available that will be a challange, having said that Visual Studio community edition is free (you don't need more than that) and writing a console app is the bread an butter of .NET programmers so there are tons of guides available. 

Link to comment
Share on other sites

Link to post
Share on other sites

5 hours ago, FlappyBoobs said:

You could write a powershell script that connects to the DB and executes the SQL you want, then just allow the users to execute PS scripts, however this has a MAJOR security issue, not only will users need elevated rights to run the script they will be able to open it up and see the login credentials to the SQL server. The same is true of a .BAT file unless the .BAT just calls a library or application that contains the code. 

 

My approach would be to write a quick console app that runs the SQL command, but if you don't have programmers available that will be a challange, having said that Visual Studio community edition is free (you don't need more than that) and writing a console app is the bread an butter of .NET programmers so there are tons of guides available. 

Awesome, thank you so much for the help! I am gonna look into visual studio. I had a feeling that they would need admin rights to be able to execute the .bat. Also one more thing, we store the SQL on a file server vm that the user’s don’t have access to. So if we created a .bat and then created a .exe to run the .bat in the background, could that potentially work so we wouldn’t have to give them admin rights?

Link to comment
Share on other sites

Link to post
Share on other sites

As long as the user that the program uses to execute the command has access to the VM then it will work fine (the fact that it has a DB on it that users access from their machines already, via the other program, means it's possible). Your admin will be able to allow specific programs to run so they can whitelist the new .exe and users just run it without the need of a .bat file. 

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×