In windows 10 cmd, I started a process C:\Windows\system32\svchost.exe -k RPCSS -p successfully. How do I list the services it is currently managing?
I've looked at tasklist, however, that requires the image name, and I am unsure how to identify which svchost it is, in process explorer.
You can try with wmic in cmd to get the commandline of the process :
wmic process where "name like 'svchost.exe' And CommandLine!=Null" get commandline /Value
Related
I have a docker image that only runs if there are 6GB of RAM available. Unfortunately on Windows and Macs the docker VM is limited to 2GB by default. You need to go to the Docker advanced settings to change this. This is something I'd rather not have my users do.
Is there a shell command (or Powershell command on Windows) that changes this limit? I'd much rather tell my users they should run one command from the terminal, than have them mess with the advanced Docker settings.
With docker for windows, gui settings are stored in C:\Users\$YOUR_USER\AppData\Roaming\Docker\settings.json, also could be simplified as ~\AppData\Roaming\Docker\settings.json, in it you will find something like next:
{
......
"memoryMiB": 2048,
......
}
The default memory hyper-v machine used is 2048M, you can change it to any value you needed then restart the docker to meet your requirement.
You can use any method to modify the file & restart docker just as you like. Next is a sample powershell script for your reference:
a.ps1:
(get-content ~\AppData\Roaming\Docker\settings.json) | foreach-object {$_ -replace '"memoryMiB":.*', '"memoryMiB": 3072,'} | set-content ~\AppData\Roaming\Docker\settings.json
net stop docker
net stop com.docker.service
taskkill /IM "dockerd.exe" /F
taskkill /IM "Docker for Windows.exe" /F
net start docker
net start com.docker.service
& "c:\program files\docker\docker\Docker for Windows.exe"
Execute in powershell (NOTE: need to run as administrator):
powershell.exe -File "C:\abc\a.ps1" -ExecutionPolicy Bypass
Above will run a.ps1 in which it will change memory value & restart the docker, after that, the memory will just what you needed. You may change some path in the script based on your real situations on your computer.
Wondering if anyone knows how to/if it is even possible to resize a PowerShell windows that I open on a remote computer using the batch file I used to run it.
1 #ECHO OFF
2 title Remote Start ProgramName Server
3 cd "C:\IT\FOLDER"
4
5 #ECHO OFF
6 SET /p _computer=Computer Name:
7
8 #ECHO "Launching Program Server On Remote PC %_computer%"
9
10 start PowerShell.exe .\psexec -i \\%_computer% '"C:\Program Files\ProgramFolder\programserver.exe"'
11
12 #ECHO "Launching ClientSideProgram on Local Machine"
13 start "" "C:\Program Files\ProgramFolder\programclient.exe"
14
15 PAUSE
16
17 start "" PowerShell.exe .\pskill \\%_computer% programserver.exe
18 ECHO "Program Server Terminated"
19
20 PAUSE
So as far as I have tested this, it works, but when I do start PowerShell.exe on line 10, it, as expected opens a powershell. THIS is the powershell I would like to resize to the smallest possible size, so that it's not as big of a nuisance when it opens.
Thanks in advance for whatever help anyone has
Edit: If resizing is not possible, can I just 'hide' it? or move it to the background at all?
This is a batch file that is just using PowerShell to call psexec.
Either use PowerShell Remoting ---
Running Remote Commands
Start an Interactive Session To start an interactive session with a
single remote computer, use the Enter-PSSession cmdlet. For example,
to start an interactive session with the Server01 remote computer,
type:
Enter-PSSession Server01
Run a Remote Command To run a command on one or more computers, use
the Invoke-Command cmdlet. For example, to run a Get-UICulture command
on the Server01 and Server02 remote computers, type:
Invoke-Command -ComputerName Server01, Server02 -ScriptBlock {Get-UICulture}
--- or use PSexec and target that remote host.
PsExec - Windows Sysinternals | Microsoft Docs
Using psExec to Open a Remote Command Window
https://blogs.technet.microsoft.com/systemcenteressentials/2009/09/01/using-psexec-to-open-a-remote-command-window
psExec \computer cmd
PsExec (SysInternals)
Execute a command-line process on a remote machine.
Much of PSRemoting requires that you use an account that is in the local admin group on the target. However, there are some that do not.
The only reason to use PSExec over PSRemoting is if PSRemoting is not enabled and if you need to run Code in the context of the logged on user.
# PowerShell only via PSRemoting
$TargetComputerName = Read-Host -Prompt 'Enter a computer name.'
Invoke-Command -ComputerName $TargetComputerName -ScriptBlock {
'C:\Program Files\ProgramFolder\programserver.exe'
} -Credential 'contoso\administrator'
# PSExec only
psexec \SomeTargetComputerName -c C:\Program Files\ProgramFolder\programserver.exe
With PSRemoting nothing is ever displayed on the targethost.
With that PSExec command, nothing is ever displayed on the targethost.
If you use PSExec to run in the context of the logged on user on that target host, then stuff will display when you call PowerShell.exe unless you use the minimize or hide switches.
This indicates that you are new to PowerShell and PowerShell remoting commands. Please hit up YouTube and view some of the talks on PSRemoting, running remote command, running remote programs, well, PowerShell in general.
Found the answer from a fellow colleague of mine. Apparently, very easy to just star minimized.
start /MIN
will do just that
I wonder how you can write a batch file or powershell script that, given an input of a user name, that it goes and kill every processes that is owned by that user.
For example, if I input user name: testuser. I want the script to go and kill every system processes that its owner is testuser.
On a Windows Server 2008, 2012.
Thanks.
use the command taskkill on windows server, you can kill any processes owned by specific user.
TASKKILL /F /FI "USERNAME eq "
Using powershell you can list all processes started by a specified user:
Get-Process -IncludeUserName | where {$_.UserName -eq "<Username here>"}
To kill/stop a process, either call .kill() on each result or feed the result into Stop-Process.
Please consider my problem :)
1) I Have a Windows 7 - x64 system with cygwin installed and SSHD running.
2) From another Windows machine , from futty, SSH to the above machine.
3) Command "TaskKill /IM explorer.exe /F" to kill explorer. Success!
4) Command "/cygdrive/c/Windows/sysnative/cmd.exe /c start /B explorer.exe" to start explorer. Failed!!
From task manager I can see that the explorer process is running, but no visible "proof" for it. No icons , No task bar.
5) (optional) Command "ps -W | grep explorer | cut -c 31-36 | paste -s -d," to see running explorer process Id from cygwin shell itself.
After searching google and StackOverFlow, the command mentioned in step 4 worked manually on direct cygwin shell on target system.
Primary::
My question here is, is there any command to replace in Step 4, so that we have a "neat" Windows Explorer process up and running ?!
Secondary::
My aim is to remotely kill and start windows explorer properly, Any methods for doing it ?!
Advanced Thanks!
- Rx3 -
I work on my computer A.
I would like to run a batch script.bat on my computer B (C:\Documents\script.bat). The password of the admin session of B is PASSWORD.
This is my command to execute my batch from computer B :
start C:\Documents\script.bat
Now, I would like to run it with this argument : 3.2.16
I've tried these 3 commands but it says "incorrect caracter"
start C:\Documents\script.bat "3.2.16"
start C:\Documents\script.bat '3.2.16'
start C:\Documents\script.bat 3.2.16
Also, I would like to run it from my computer A.
Can you help me please ? Thank you in advance.
If you want to run a process remotely, you'll either need to use Sysinternals psexec, or wmic. The difference is that psexec diverts its output to the computer it's invoked from; whereas wmic displays a window on the remote PC.
If you're curious, the wmic command syntax is as follows:
wmic /node:remotePC /user:remotePC\user /password:password process call create 'cmd /c "c:\path\to\script.bat" "arg1" "arg2"'
If you need to view the output of script.bat, redirect the output remotely to a text file, then read the text file.
wmic /node:remotePC /user:remotePC\user /password:password process call create 'cmd /c blah ^>c:\output.txt'
net use z: \\remotePC\c$ /user:remotePC\user password
type z:\output.txt
del z:\output.txt
net use z: /delete
...for example. But it's probably easier just to download and use psexec.