Automate Bleachbit and skip UAC


Hello fellow Bleachbit users,

This post is going to be long and I am not even sure if I should ask it here. But I guess I will try my luck here.

I an trying to setup to run Bleachbit automatically when users start up their computers. These computers are all Windows 10. I have made a simple script and deploy it through Group Policy

"C:\Program Files (x86)\BleachBit\bleachbit_console.exe" --no-uac -c system.tmp system.clipboard system.memory_dump system.muicache system.prefetch system.recycle_bin system.updates

And it runs like it supposes to because I gave admin privileges at the GPO. Therefore, when the user logins, the script will run and clean stuff without any UAC prompt.

However, I would like to do the same thing on some of the laptops in our environment that are not domain-joined. Instead of deploying with Group Policy, I copy the script to the laptops "Start Up" folder, so it will run every time the computer is turned on. However, when the user logins to the laptop, Bleachbit is not able to clean some of the items even though the user account is a local admin account. Therefore, I have tried couple different things to see I can work around the problem.

1. Right-click on bleachbit_console.exe --> Properties --> Compatibility --> Check "Run this program as an administrator". After selecting this setting, there is an UAC prompt every time I run the script or bleachbit_console.exe. But it is able to clean the stuffs that were being denied before. I would like to skip that UAC prompt to make it 100% automatic without disabling UAC completely.

2. Then I also tried using Scheduled Task. There is an option in scheduled task that let you run the task with the highest privileges. With that set, I was able to run my bleachbit script without any user interaction. However, I have problem exporting and importing the Scheduled Task to other machines. I got error message like "Error: No mapping between account names and security IDs was done" when I tried to import the Scheduled Task using Admin CMD. Therefore, I am wondering if anyone was able to implement Bleachbit in Schedule Task.

Thank you for reading this looooonng post.

Yes, I see the problem.

You could completely disable the UAC, but that is a bad security practice.

Have you tried google search for "Error: No mapping between account names and security IDs was done" ?

As an alternative, does this article help? (To be honest, I only skimmed it)

Andrew, lead developer