The situation: I have a batch file that runs a remote session from the file server (NT4.0) to a user's machine with psexec.exe from under a domain admin's account. Naturally, I don't want users to peek into the batch file and get the domain admin password, so I set the permissions as (RX)(X). Everything works great on 2k/XP machines-- user's can run the script, but cannot copy or edit it. On NT clients, however, they can edit the .bat file and see the password. How can I get around this? I attempted to use "bat2exe", but the psexec command does not funtion in the resulting .com file. Any ideas on how to get around this problem?