Is there any way to start a cmd on a remote computer, and then start exe file with a path to it, even if some user is logged on the remote machine.
I have restricted admin rights, and I can not use psexec.
the job should be done with a batch and show the cmd window to the user logged on, so they know something is happening, because some services will bi stopped for 1h.
I tried this:
WMIC /NODE:"name remote comp" /user user /password password process call create "c:\dir1\dir2\dir3\some.exe" /M /NOREBOOT
and some other variations, nothing is happening.
Thanks in advance
I have the permission to run the exe file. I start it logged on the remote machine. I just need to automate the process in the case it should start on view computers at the same time. So I dont need to login and start it on each machine. I tried this also:
WMIC /NODE:"name remote comp" /user user /password password process call create "cmd.exe c:\dir1\dir2\dir3\some.exe" /M /NOREBOOT
WMIC /NODE:"name remote comp" /user user /password password process call create "cmd.exe /c c:\dir1\dir2\dir3\some.exe" /M /NOREBOOT
WMIC /NODE:"name remote comp" /user user /password password process call create "cmd.exe /c c:\dir1\dir2\dir3\some.exe /M /NOREBOOT"
Related
I wrote a little program to automate:
Taking own of a file/folder for a specified User.
Get (for the same User) FULL CONTROL of the file/folder.
Now, it is well know that takeown.exe wants cmd.exe to be run as Administrator rights. So, to do in a batch file (most of the time called from a non-Administrator cmd window), I run:
call runas /noprofile /user:"!domain!\!runasUsr!" "cmd /k takeown /f ""!entity!"" /r"
However, even though I pass as !runAsUsr! a name which is contained in the Administrators Group, I get:
ERROR: the user currently connected does not have the ownership privileges on file/folder ...
I tried setting !runAsUsr! = Administrators, but unfortunately I do not remember the password (if I even set one...). For that, I could change from computer manager (or net command), but I do not well know how that command works, so I wouldn't mess things up.
But still, I do not understand why I get that error since the User I pass is within the Administrators group..
I see from computer manager that default account for computer administration is User:Administrator of the Group:Administrators, so this might be the problem. So, how to set the other account to have same rights?
I also tried
call runas /noprofile /user:"!domain!\Administrator" "cmd /k takeown /f ""!entity!"" /r"
getting following error:
ERROR RUNAS: impossible to execute - cmd /k takeown /f "C:\Program Files\Microsoft VS Code\resources\app\extensions\css" /r
1327: restriction on user account do not allow this user to get access.
For example, empty password field not allowed, access times restrictions or application of restriction criteria.
I have written a batch file which starts OpenVPN. If the client is found, I check the connectivity by running PING. If the server is not found, then this means that although OpenVPN is running, the connection has not been established. At this point I want to restart OpenVPN. Because I am not using the admin account for this script, I always get the error "permission denied" when using TASKKILL /F. Is there anyway around this?
There are two methods of running a command with administrator privileges.
Solution 1:
Right-Click the batch-file and click run as admin.
Solution 2:
Use the runas command to run a command or batch file with administrative permissions. This way the process is still automate but you will still need to type in the password for administrator.
Example:
C:\> runas /user:administrator "taskkill /f /im explorer.exe"
Enter the password for administrator:
Type runas /? for more info.
if you are already the administrator, you can create a shortcut to your batch file and when you right click the shortcut -> properties -> advanced -> check the checkbox "run as administrator"
and voila!
everytime you run the batch script via this shortcut file, it will run as administrator and will kill without any discrimination, happily ever after
I am trying to clear IE cache of a remote computer by using the following script in Powershell
$computer= read-host "computer name"
psexec \\$computer -i 0 cmd /c RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 4351
It runs on the remote computer (the user can see it running) but does not clear cache of the logged on user.
I've also tried to copy a batch file containing the command RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 4351 on to the logged on user's desktop and then running it
$computer= read-host "computer name"
$user = read-host "User ID"
copy C:\test.bat \\$computer'\C$\Documents and Settings\'$user'\Desktop'
PsExec \\$computer -i 0 cmd /c "C:\Documents and Settings\$user\Desktop\test.bat"
Still no joy
If the user runs the batch file himself it clears his cache.
I just basically want to clear the IE cache of the logged on user remotely.
Any help will be highly appreciated.
Cheers
Ronnie
It's incredibly difficult to impersonate a user without knowing their password (imagine the security implications!). In my experience it's easier to run it as either a logon or logoff script using group policy.
I have a Server 2008 R2 Standard. I need to execute a batch-file using psexec from my PC Win7. The only time this worked is when i disabled the UAC on my server. Deactivating the UAC is out of the question, I'm looking for a solution with UAC enabled.
Error message:
Could not start PSEXESVC service on remotehost:
Access denied.
PS: In my command line of psexec I'm using the administrator user of my server to execute the batch-file. The UAC level is 3 on my server.
Best regards,
Tasso
It took me hours to find a working way to PsExec between two Windows 7 computers with a non-Admin user starting PsExec.
Disabling UAC...
EnableLUA=0
ConsentPromptBehaviorAdmin=0
LocalAccountTokenFilterPolicy=1
...did not work, turning off the firewall did not work.
Here I found the working way - thanks JelmerS (PSexec is not connecting to machine using supplied username and password).
*This is because psexec still tries to access the ADMIN$ share with your local credentials, before executing your command as another user. According to this thread, you can cache credentials before executing psexec:
cmdkey.exe /add:MACHINE_NAME_HERE /user:MACHINE_NAME_HERE\Administrator /pass:PASSWORD_HERE
psexec.exe \\MACHINE_NAME_HERE -i notepad
cmdkey.exe /delete:MACHINE_NAME_HERE*
Best regards, Peter
It seems that running PsExec from a Win7/Win2K8 machine against a Win7/Win2K8 target, regardless of the "-u" and "-p" params on the PsExec command-line,those params are ignored and PsExec is being executed remotely with whatever user credentials we happen to be logged in locally with.
Even though you stating which user account to execute the command on the remote system it executes the psexec command as the user that opened the command window.
When opening the Command Prompt, please right click it and select 'run as Administrator'. Meanwhile, make sure the user has administrator privileges on target PC.
The only solution i see to offer is to use the "Runas" (with the account you will need on the remote system) command to execute PsExec and forget the -u -p params.
In command prompt, you can try as,
echo "password" > pwd
runas /env /netonly /user:domain\Administrator "psexec.exe your_local_program.bat" < pwd
del pwd
Or just:
echo password | runas /env /netonly /user:domain\Administrator "psexec.exe your_local_program.bat"
Moreover....
Don't forget to check your Anti-virus which frequently blocks several of the PStools.
I am Help Desk for a company and we have some computers on our VPN. We sometimes have to use Windows Remote Desktop to login to these computers. (mostly Windows XP but some Windows 7)
When we remote into a Windows the computer/session is locked
I would like to be able to make a popup appear on their computer saying they can log back in.
I use 2 command-line tools in order to issue remote commands: psexec & nircmd.
nircmd is useful because it has command-line options to make a pop-up but it will pop-up inside the session not on the "computer locked screen".
I have played with Local Security Policy and it will you to display a message when they first login but not while the session is locked.
It does have an option to display username while session is locked so somehow it can display certain things during a locked session.
#npocmaka Thanks
I ended up using msg.exe but because of restrictions on our company's network I used a combination of psexec and msg
msg server:IPADDRESS /v "message"
didn't work so I used
psexec \IPADDRESS -u username -p password msg /server:IPADDRESS /v "message"
but in order for it to work I had to run
psexec \IPADDRESS -u username -p password reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v AllowRemoteRPC /t REG_DWORD /d 1 /f
on the remote computer. I got the reg command from another post in StackOverflow actually!