Hi expert,
I'm desperate for a solution for this mystery.
Background:-
1)Server Windows Server 2003 R2
2)PGP CL Ver 10.2
3)We trying trigger a decryption of file using .bat file. The .bat file consist PGP command line and it is was triggered using a 3rd party schduler known as IBM Sterling Connect Direct. An user ID ABC is used to trigger the .bat file. This user ID only have local User membership to the server.
4)Content of the .bat:
@echo off
set DecFilPath=D:\XXXXX
Set VendrFile=%DecFilPath%\%2.gpg
Set EncryptFile=%DecFilPath%\%2.pgp
ECHO [%TIME:~0,8% %DATE%] Start Decryption >> %DecFilPath%\LogDownload.txt
IF EXIST %EncryptFile% Del %EncryptFile%
Rename %VendrFile% *.pgp
pgp --decrypt %EncryptFile% --overwrite remove >> %DecFilPath%\LogDownload.txt 2>&1
set error=%ERRORLEVEL%
ECHO %error% >> %DecFilPath%\OSerror.log
ECHO [%TIME:~0,8% %DATE%] End Decryption >> %DecFilPath%\LogDownload.txt
Problem:
pgp --decrypt command won't run when we trigger the command.
- From the content of the .bat, we pretty sure the .bat did run successfully as the command Rename %VendrFile% *.pgp did successfully rename the target file.
- We force Exit Code output using this command set error=%ERRORLEVEL%, and notice there is this Exit Code 129 (An initialization failure occurred on startup)
Workaround:
- We assign Local Administrators permission to user ID ABC, pgp --decrypt command completed successfully.
Question:
We do not wish to assign local administrator permission to user ID ABC as we think it is having too much privilege. What is Exit Code 129 cause and how to solve it so that we can trigger the pgp --decrypt without having local administrator permission?
Thank you