Not sure if this is more appropriate as a scripting question, or a security question, but I am going with security.
I have a series of scripts (all VBS at the moment) that I would like to leave on the server for maintenance reasons, but I would like to make available for easy access. My thought is to make some VBS stubs, that load the full network script, but effectively run the code locally, thus side stepping the UAC issues of running network scripts. I would also like to make these scripts available quickly from the command line by adding the local folder to the PATH environment variable, and either giving the stub file a nice short name or providing short name LNKs to the local VBS stubs, and adding LNK to the PATHEXT environment variable.
That said, I am curious about the best practices from a security standpoint. I assume I should be putting the VBS stubs in Program Files, not ProgramData. But is there any implications with adding to PATH? And should I avoid adding LNK to PATHEXT and instead just run the stubs directly? I like the LNK idea because it offers the flexibility of adding LNKs to the All User Desktop for some things, as well as accessing things from the command line. I should note that some of these scripts will be run by users, they are not exclusively Admin scripts. I would assume that users are all limited permissions, not even local admins.
Any advice is greatly appreciated.
Gordon