I want to call (execute) a cmd or ps1 script remotely from one Windows 2016 Server 2016 on another. The problem is that script access to a \\network-share is denied.
Reproduce:
(1) a batch or ps1 script with specific Domain-User to \\network-share is successful:
dir \\network-share results in what it should.
(2) try to execute this script from another server via wmic or ps1 with the same user that has access to \\network-share (wmic /node:"node" /user:"domain\usr" /password:"pwd" process call create "cmd.exe /c C:\temp\cmd.bat").
The cmd.bat contains: dir \\network-share or dir \\<UNC-FQDN>\share or dir \\<IP>\share and always gets „Access is denied“ although domain\usr itself has access to the \\network-share.
(3) the identical routine (2) with dir C:\temp runs like expected.
Already tried some registry keys, e.g.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies]
DisableLoopbackCheck
DisableStrictNameChecking
BackConnectionHostNames
LocalAccountTokenFilterPolicy
Maybe one of those is needed on both machines and I did not try every option but to understand what might be the problem here could help I guess.
So, thx & Kind Regards :-)
In the meantime I found two ways to overcome the problem:
a) using Sysinternals PsExec.exe -u domain\user -p pwd -i \\node C:\temp\cmd.bat
b) Create a Scheduled Task on the target machine that can be executed remotely by C:\Windows\System32\schtasks.exe /run /tn "name of the task" /s node /u domain\user /p pwd
Maybe this will help somebody else.
Related
I'm trying to use a batch FOR loop inside a psexec. I need to make a script that offers me the possibility to choose the subfolders (I store the items in %list_of_items%) in %local_folder% that are needed to be copied with ncftpput on remote server. I cannot put the entire psexec inside the loop because I dont want to insert every time the password.
The piece of code:
psexec \\remote_server -u DOMAIN\user cmd /c FOR %%i IN "%list_of_items%" DO ("ncftpput -f c:\folders\file_with_creds.cfg -R remote_folder/ %local_folder%/%%i")
Example
I have:
%local_folder%\folder111
%local_folder%\folder222
%local_folder%\folder333
I choose to copy the items folder111 and folder333 so I store them in %list_of_items%. For every item in the list I need to run ncftpput to transfer to remote server the folder but doesnt work....
The error:
"folder111" was unexpected at this time.
cmd exited on remote_server with error code 1.
Can you help me please to find what I'm doing wrong?
Thank you.
I've gotten some help with an earlier part of this batch file, but now I'm having trouble with the final component.
I've tried a few things with no success. I tried changing the CRLF to LF which did nothing. I also tried rephrasing the commands a few ways but I am still not getting anywhere. The following is my main batch file.
#echo on
REM delete deauth command file
SET OutFile="C:\temp\Out2.txt"
IF EXIST "%OutFile%" DEL "%OutFile%"
plink -v -ssh *#x.x.x.x -pw PW -m "c:\temp\WirelessDump.txt" > "C:\temp\output.txt"
setlocal
for /f %%a in (C:\temp\output.txt) do >> "Out2.txt" echo wir cli mac-address %%a deauth forced
REM Use commands in out2 to deauth
plink -v -ssh *#x.x.x.x -pw PW -m "c:\temp\Out2.txt"
pause
Below this sentence is the command found in Out2 which I think is giving the actual trouble. The number of lines varies but they are all this particular command just with differing MACs.
wir cli mac-address xxxx.xxxx.xxxx deauth forced
If Out2 has only a single line it runs fine, no issues. But when there are multiple lines, it fails with an error stating that the Line has an invalid autocommand. It's almost as if it was reading it as one contiguous command. As I mentioned above I changed from CRLF to LF hoping IOS would like it better, but that failed. I've tried adding extra lines between the commands, and I've tried calling the login every time from that file.
I am hoping that there is a way to tailor the commands to pass all lines one at a time to keep this down to a minimum of files.
I had another thought but it is kinda/very clunky. If there was a way to output each of those MAC deauth commands to their own file in a saperate folder (out1, out2, out3), and have the BAT able to run all the randomly generated files in that folder so that each one is a separated plink session.
Let me know if I need to change/add/elaborate on anything. Thanks in advance for anything you guys are willing to help with. I appreciate it.
EDIT: Martin has pointed out what the limitation actually is. It appears to be a limitation on Cisco to accept blocks of commands through SSH. So I still have the same question really, I just need some help figuring a workaround to this issue. I'm thinking the multiple file solution I mentioned above may have some possibility. But I'm too much of a noob to know how to make that work. I'll update if I have any breakthroughs though. Thanks for any contributions!
It's actually a known limitation of Cisco, that it does not support multiple commands in an SSH "exec" channel command.
Quoting section 3.8.3.6 -m: read a remote command or script from a file of PuTTY/Plink manual:
With some servers (particularly Unix systems), you can even put multiple lines in this file and execute more than one command in sequence, or a whole shell script; but this is arguably an abuse, and cannot be expected to work on all servers. In particular, it is known not to work with certain ‘embedded’ servers, such as Cisco routers.
Though you can probably still feed multiple commands to Plink input:
(
echo command 1
echo command 2
echo command 3
echo exit
) | plink -v -ssh user#host -pw password > output.txt
Or you can simply use an input file:
plink -v -ssh user#host -pw password < input.txt > output.txt
Similar question: A way of typing multiple commands in cmd.txt file using PuTTY batch against Cisco
This works without cmd.exe and using files:
function Invoke-PlinkCommandsIOS {
param (
[Parameter(Mandatory=$true)][string] $Host,
[Parameter(Mandatory=$true)][System.Management.Automation.PSCredential] $Credential,
[Parameter(Mandatory=$true)][string] $Commands,
[Switch] $ConnectOnceToAcceptHostKey = $false
)
$PlinkPath="$PSScriptRoot\plink.exe"
$commands | & "$PSScriptRoot\plink.exe" -ssh -2 -l $Credential.GetNetworkCredential().username -pw "$($Credential.GetNetworkCredential().password)" $Host -batch
}
Usage: dont forget your exit's and terminal length 0 or it will hang
PS C:\> $Command = "terminal lenght 0
>> show running-config
>> exit
>> "
>>
PS C:\> Invoke-PlinkCommandsIOS -Host ace-dc1 -Credential $cred -Commands $Command
....
Sounds like your file 'Out2.txt' has only LF at end of line. Simple way to convert that to CRLF is to use MORE command and redirect output to a new file and then use the new file.
more Out2.txt > Out2CRLF.txt
I ran into the same issue when trying to pull the full list of ACLs on an ASA via plink in powershell.
Essentially, due to the abuse issue referenced in the documentation: https://the.earth.li/~sgtatham/putty/0.72/htmldoc/Chapter3.html#using-cmdline-m, I was getting inconsistent results in pulling the ACLs. Sometimes I would get 0, sometimes only 1 or 2, and sometimes I would get all of them. (I personally, had about a 1 in 5 success rate).
As I would occasionally be successful I used a while loop that would catch the unsuccessful attempts and retry. Just be sure to put some timing on the while loop to prevent it from spamming ssh connections too much.
It is not a good solution, but it worked as a last resort.
I want to know if there is a certain command that you can type into cmd to print system information, such as the RAM, hard drive storage, OS, etc. I have looked around but cannot find anything. If there is one, please give me the syntax and an example of using it. Thanks!
Windows Management Instrumentation (WMI) might be interesting for you.
E.g. wmic cpu get Name prints information about CPU
See: http://www.deepakg.com/blog/2007/08/using-wmic-for-gathering-system-info/, http://blogs.technet.com/b/askperf/archive/2012/02/17/useful-wmic-queries.aspx and https://superuser.com/questions/334641/whats-the-equivalent-command-of-wmic-memlogical-in-windows-7
You could also use systeminfo
start "" /w "C:\Program Files\Common Files\Microsoft Shared\msinfo\msinfo32.exe" /report "%temp%\msinfo.txt" /categories +all & more "%temp%\msinfo.txt"
Plus these are some other commands. Check the help on each /?.
nslookup -type=ANY www.smh.com.au
vssadmin list shadowstorage
winsat features -eef -v
SCHTASKS /query /fo:list
whoami
hostname
quser.exe
ipconfig
driverquery.exe /fo list
mrinfo
gpresult.exe
openfiles.exe
netstat
powercfg.exe
QUERY USER /server:myserver
tasklist
I have a BAT file that runs a script on oracle :
sqlplus myuser/mypassword#mydatabase #C:\runthisfile.sql
I want to distribute this to other users (that don't necessarily know how to modify a BAT file).
I want the dos prompt to ask the user to enter their user and password (obviously I don't want to give them my connection details). Have tried all types of combination but all that happens is that I end up with SQL>......
Am stumped!
You can use the SET command with the /P argument in order to prompt the user for text during a batch file run, for example:
SET /P variable=Please enter text
This will then fill variable with whatever they type before hitting return.
#ECHO OFF
SET /P uname=Username:
SET /P pass=password:
This is a simple program which will prompt the first for a username, then a password.
You should then be able to pass this as an argument to sqlplus:
sqlplus %uname%/%pass%#mydatabase #C:\runthisfile.sql
Regarding with SQLPlus stop, doing nothing:
Sometimes SQLPlus finish with ... meaning that is waiting for something more.
Try to add "/" (without quotes) in the end of your SQL file to execute it.
I hope it will help...
It is the very simple code for opening SQLPLUS without entering usename and password manually.
sqlplus -L UserName/Password
For example : sqlplus -L Rak4ak#sun64/rk4
For Understanding :
sqlplus [ [] [{logon | /nolog}] [] ]
is: [-C ] [-L] [-M ""] [-NOLOGINTIME] [-R ]
[-S]
-C <version> Sets the compatibility of affected commands to the
version specified by <version>. The version has
the form "x.y[.z]". For example, -C 10.2.0
-L Attempts to log on just once, instead of
reprompting on error.
-M "<options>" Sets automatic HTML markup of output. The options
have the form:
HTML [ON|OFF] [HEAD text] [BODY text] [TABLE text]
[ENTMAP {ON|OFF}] [SPOOL {ON|OFF}] [PRE[FORMAT] {ON|OFF}]
-NOLOGINTIME Don't display Last Successful Login Time.
-R <level> Sets restricted mode to disable SQL*Plus commands
that interact with the file system. The level can
be 1, 2 or 3. The most restrictive is -R 3 which
disables all user commands interacting with the
file system.
-S Sets silent mode which suppresses the display of
the SQL*Plus banner, prompts, and echoing of
commands.
is: {[/][#] | / }
[AS {SYSDBA | SYSOPER | SYSASM | SYSBACKUP | SYSDG | SYSKM}] [EDITION=value]
Specifies the database account username, password and connect
identifier for the database connection. Without a connect
identifier, SQL*Plus connects to the default database.
The AS SYSDBA, AS SYSOPER, AS SYSASM, AS SYSBACKUP, AS SYSDG,
and AS SYSKM options are database administration privileges.
Here's a trivial batch:
#echo off
if not .%1==.-b goto else
echo Running with -b flag ON
goto endif
:else
echo Running with NO flags
:endif
Now, trying to run this from a scheduled task on a Windows Server 2003...
If the task is ran like: "C:\Test\test.bat" then the log (Schedlgu.txt) says:
"Test Job.job" (test.bat)
Started 7/14/2010 10:27:19 AM
"Test Job.job" (test.bat)
Finished 7/14/2010 10:27:19 AM
Result: The task completed with an exit code of (0).
However, when running like: "C:\Test\test.bat -b" then:
"Test Job.job" (test.bat -b) 7/14/2010 10:28:02 AM ** ERROR **
Unable to start task.
The specific error is:
0x80070005: Access is denied.
Try using the Task page Browse button to locate the application.
The task is running under the Admin account (of the domain). I have also granted full access to this user to the local cmd.exe
Any thoughts why the task fails when running a batch with one argument?
Thx
Run the task with parameters like this:
"C:\Test\test.bat" -b
Note the different quoting!
The fisrt string inside quotes is always considered the file name, hence the error message you see.