When running wmic command in batch file (my PDQ Deploy Installer file) I receive error: -2147217407

4/26/2018 4967 Contributors

A customer recently asked:

"i use a batch file with following command
wmic path Win32_UserAccount where Name='administrator' set PasswordExpires=false

wmi is doing everything fine. he changed the things on the target machines. but pdq deploy brings back always the installation error code -2147217407.

have you a idea how to fix this on the pdq deploy site ?"

Answer: PDQ Deploy returns the last error code that the Installation File returned. In this case your batch file encountered a "Generic Failure" in Windows after an unsuccessful attempt to modify WMI via WMIC. WMIC.exe returned the code -2147217407.

This error being reported is most likely caused by the fact that you haven't specified the Domain in your WMIC command. Without specifying a Domain the domain value in Win32_UserAccount will, by default, be filled with the Domain the target computer is in. The problem is that you want the LOCAL Administrator account modified, not the Domain Administrator account. You can't change a domain account property via a WMIC call to a workstation. Therefore, in this case you will need to add an extra filter to your WHERE clause to specify that the domain context is actually the local machine. Use this:

wmic path Win32_UserAccount where "Name='administrator' and  
Domain='%computername%'" set PasswordExpires=false

Notice that since I have more than one filter in my WHERE clause I need to encapsulate them in double quotes. I am also passing the %ComputerName% variable so that the domain is set to the target machine (and will, therefore, modify the Administrator account on the local computer as opposed to the domain)

I duplicated your error outside of PDQ Deploy. If you look at the attachments you will see that after running the batch file I asked for the last exit (or return) code by typing



Notice in the above image that the Domain field was populated, by default, with the domain AdminArsenal instead of the target computer: Quagmire. After WMIC reported a failure I looked at the error code and verified that it was: -2147217407. Notice, however, what happened after I changed the WMIC command in the batch file to specifically specify the target computer as the Domain value therein modifying only specified LOCAL user accounts.


As you can see this attempt was successful. I used the code snipped above. I used the %ComputerName% variable in my script so that I don't have to hard-code each target computer name that I run this script on. Using PDQ Deploy you can deploy this script to all of your computers.

Also, if you do run across a non-Zero return code and PDQ Deploy shows failure BUT you are certain that the intended change was made and was successful you can always add that return code to the Return Codes field in PDQ Deploy. When this code is encountered PDQ Deploy will interpret the code to mean SUCCESS. An example of this that we have seen is Foxit Reader. We found that Foxit Reader returns an exit code of 1 for SUCCESS. This is not standard (0 is the standard for SUCCESS) but nevertheless we added the Return code '1' to the Return Codes field in the PDQ Deploy Installer properties window.