Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

{Quick Post} Commandline Kung-fu needed! Apply within


After some more playing, and some headache tablets, it seems I’ve found a solution (or should I say, found the bug in a solution I thought didn’t work)… I won’t post a spoiler just yet in case people are playing… but I will post the answer I found tomorrow once I have time!

In the meantime happy hunting…. and remember, Windows sucks sometimes!

—- —- —-

So, I’ve been fighting with the following command for a while and can’t quite get it working (due to whitespace or linefeeds at the end of the string). So I’m putting it out there and asking for help!


Create a single Windows command-line (not a script) that runs on all modern versions of Windows (no PowerShell here) that resolves a localgroup name from its SID, and feeds this group name (including any spaces!) into a “net localgroup” command… It seems easy, but due to the spaces present in some group names, it’s a bit tricky to solve without using some mystical command-line kung-fu that I certainly don’t seem to possess!

Example (not working):

For /F "usebackq Tokens=1* Delims==" %I In (`wmic group where sid^='S-1-5-32-551' get name /Value ^| Find "="`); do net user username password /ADD && net localgroup %J username /ADD

The above example uses the SID for “Backup Operators” as it contains a space… which meets the criteria! It also fails…

Example (working for group names w/o spaces only):

FOR /F "usebackq skip=1" %g IN (`wmic group where sid^='S-1-5-32-544' get name`); do net user username password /ADD && net localgroup %g username /ADD

This example works for group names like “administrators”, but if you alter the SID to S-1-5-32-551 then it will only take “backup” from the “backup operators” group name and therefore fail. It’s simple enough to fix if you know beforehand that the group has a space, but that’s not the point… we don’t know for all cases.

Anybody got the smarts to solve this? I hate batch scripting!!!


5 responses to “{Quick Post} Commandline Kung-fu needed! Apply within”

  1. Robin March 19, 2012 at 11:15

    Don’t you just wrap %g in quotes?

  2. ChrisJohnRiley March 19, 2012 at 11:18
    Nope… not that easy. %g only includes the initial portion of the group name “backup”… if you expand the For /F to take in the whole string you don’t get “backup operators” you get “backup operators    CRLF” which then screws up the net localgroup command. If only life was so easy!
  3. Sébastien Ferry (@sebastien_ferry) March 20, 2012 at 05:55

    FOR /F "usebackq tokens=2* delims=="

    tokens=2* shall do it (FOR /?) 2 to skip the left part before =, and “*” to catch all the remaining line.

    C:\>FOR /F "usebackq tokens=2* delims==" %g IN (`wmic group where sid^="S-1-5-32-544" get name /Value^ `) do @echo %g

    C:\>FOR /F "usebackq tokens=2* delims==" %g IN (`wmic group where sid^="S-1-5-32-551" get name /Value^ `) do @echo %g
    Backup Operators

  4. ChrisJohnRiley March 20, 2012 at 07:06

    hi, and thanks for the info… I still see it having the same issue as I originally had though. Try changing the echo %g at the end for a command using %g and you’ll see what I mean.

    > FOR /F "usebackq tokens=2* delims==" %g IN (`wmic group where sid^="S-1-5-32-551" get name /Value^ `) do net localgroup %g Administrator /ADD

    The syntax of this command is:

    [groupname [/COMMENT:"text"]] [/DOMAIN]
    groupname {/ADD [/COMMENT:"text"] | /DELETE} [/DOMAIN]
    groupname name […] {/ADD | /DELETE} [/DOMAIN]

  5. Pingback: Commandline Kung-fu – Solution « Cатсн²² (in)sесuяitу / ChrisJohnRiley
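
The trailing-character problem discussed in the thread, as an added example (not the author's solution and not code from any of the commenters). It assumes an interactive cmd.exe prompt with wmic available, and it only lists the members of the resolved group rather than running the account-creation command from the post. The first line makes the stray carriage return visible; the second passes the value through an inner FOR /F, which drops it, and quotes the name so the space survives.

```bat
rem Diagnosis: wrap the captured value in brackets. If a carriage return is still
rem attached, the closing bracket is drawn back at the start of the output line.
for /f "usebackq tokens=2 delims==" %g in (`wmic group where sid^='S-1-5-32-551' get name /value`) do @echo [%g]

rem Handling: re-parse the captured value with an inner FOR /F ("delims=" keeps the
rem space in the name), then quote it so net localgroup sees a single argument.
rem With no /ADD or /DELETE, net localgroup just lists the group's members.
for /f "usebackq tokens=2 delims==" %g in (`wmic group where sid^='S-1-5-32-551' get name /value`) do @for /f "delims=" %h in ("%g") do @net localgroup "%h"
```

Inside a batch file the loop variables would be written %%g and %%h.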
