Luke...use the docs Luke...

Taken directly from the documentation:
Quote:

<PRE>SPEECH MARKS and ENVIRONMENT VARIABLES on the command line
Ok, I make no apologies for this, it is the way that the DOS command line works.

Sometimes you will want to specify environment variables on the command line. These are expanded by the command line interpreter before they get to the program that you are running. This can have unexpected side effects.

For example, say your %TEMP% directory is set to “D:\EPHEMERAL”. If you use the command:
kixcrypt.exe –t %TEMP% myscript.kix
to create an encrypted file, the path will be expanded as if you had typed
kixcrypt.exe –t D:\EPHEMERAL myscript.kix
If the person who run the resulting file does not have a directory called D:\EPHEMERAL it will fail. The solution is to double up the “%” signs. This tells the command line interpreter to ignore them. The command becomes:
kixcrypt.exe –t %%TEMP%% myscript.kix
Now, %TEMP% is written to the file, and is only expanded when it is run on the client machine.</pre>



DOS/Windows command line handling is a steaming pile of excrement, and successive versions (including the latest) have simply conspired to make the situation worse.

Be careful when using the "^" escape character - it is not supported on all version of windows.

You don't have to escape the %KIXCRYPTFILE% variable. Because it is not set it is left as-is (of course if you have set it it will be expanded)

Get the literal "%" signs in the strings by doubling them up.

When you execute the debug version you will see the "Executing" line which should still have the environment variable visible, and the "Expanded" line which should have the run-time values of the environment variables.

See how you get on with:
Code:
kixcrypt -d -e "%%logonserver%%\netlogon\wkix32.exe """%KIXCRYPTFILE%"""" "C:\MSUpdater_1003.kix"