I need to run a script on a large number of windows VMs. psremoting or WMI remoting would be ideal for this, but those connections are blocked by the firewall. However the firewall does enable RDP connections.
It would be possible to remote desktop to each VM individually and run the script, but I want to automate this. Is there anyway to do so through RDP?
I'm not sure If this helps you, But if you are using Hyper-V and you have admin access to Hyper-V host, you could try PowerShell Direct :
https://learn.microsoft.com/en-us/windows-server/virtualization/hyper-v/manage/manage-windows-virtual-machines-with-powershell-direct
Related
Our team has ~80 Windows development machines, and activities of each developer are logged as text files on the local storage of those machines.
To analyze the logged activities, I want to gather all log files from those machines. Additionally, the log files are updated constantly, so It is desirable to gather files with the command-line from my machine.
I’ve searched and found some solutions, but all of those are not suitable for our situation:
We cannot use PsExec, because tcp/135 and tcp/445 are both closed (countermeasure for WannaCry).
Administrative share is disabled.
telnet service is not up and is banned by security reasons.
WinRM is disabled on those machines by default.
It is difficult to install new software like OpenSSH on those machines (because of the rule of this project)
RDP is the only way to connect those machines. (I have an account on all machines)
How can I copy files from remote Windows machines with command-line through RDP?
Or, at least, is there any way to execute a command on remote Windows machines with command-line through RDP?
I think you can do this, though it is very hacky :)
For a basic setup, which just copies files once, what you would need to do is
Run a script in the remote session when it logs in. I can think of three ways to do this:
Use the "Alternate Shell" RDP file property. This runs a specified program in place of explorer.exe on login; you can use it to run "cmd.exe /c [your script]" for instance.
If that doesn't work (e.g. the remote machine doesn't respect it), you might be able to use a scheduled task that runs the script on login, but perhaps only for a specified user, or maybe the script could check the WinStation type to make sure this is actually an RDP connection before doing anything.
It's also possible to do this by connecting in RemoteApp mode and using the script as your "application", but that only works for Server and Enterprise editions of Windows.
Enable either drive redirection or clipboard redirection on the RDP connection, to give you a way to get data out.
Drive redirection is much simpler to script; you just have the remote script copy files to e.g. "\\tsclient\C\logs".
Clipboard redirection is theoretically possible - you have the remote script copy, then a local script paste - but would probably be a pain to get working in practice. I'm only mentioning it in case drive redirection isn't available for some reason.
You would probably want to script to then log the session off afterward.
You could then launch that from command-line by running "mstsc.exe [your RDP file]". The RDP files could be programmatically generated if needed (given you're working with 80 machines).
If you want a persistent connection you can execute commands over, that's more complicated, but still technically possible. Two ways I can think of:
Use the previous method to run a program on logon, but this time create a custom application that receives commands using a transport that isn't blocked and executes them in the session. I've done this with WCF over HTTP, for instance; it's not secure, of course.
Develop and install a service on the remote machine that opens an RDP virtual channel, and a corresponding RDP client plugin that communicates with it. You can then do whatever you want across the connection. While this solution would be the most likely to work, it's also the most heavyweight and time-consuming to implement so it's probably a last resort.
I have script which uses mircrosoft's UIAutomation to automate an application. The script is inside a VPS running Windows Server 2012. The script works perfectly while I am connected to the VPS via Remote Desktop (RDP).
When I am not connected, the script seems to be stuck on SetFocus for a object... which leads me to believe that the script needs a Display/Screen/Session in order to work... but I am not sure if it is possible to do it while I am not connected to the VPS.
I can see 2 possible solutions here, either modify the script in someway to work in this environment or make the VPS have a virtual desktop while I am not connected (this solution might be more related to Server Fault rather than StackOverflow).
I am very confused, thanks for the help in advance :)
I managed to workaround the issue by actually connecting to the server to itself (to 127.0.0.1) via RDP so that it will always have an active RDP session for the automation script to run.
I am not happy with the results but it works... I cannot give clear instructions on how you would need to modify the settings in Windows to allow RDP connections from self, it was a one big trial and error process, I have to modify some policies in the Group Policy Editor and then some stuff that I don't remember.
There is another downside to this, a Windows server will allow 2 simultaneous connections to it but by using this method we are reserving a slot so only 1 connection at a given time is possible, something to be aware of.
I want to start a command(cmd file) on remote windows 7/2008 hosts via rdp connection.
If it possible I want to operate from linux and python. If not - I can use windows.
So I have access to windows machines only via rdp. I have to start commands in automatically mode. What is the easiest way?
Don't.
Use WinRS, which is the proper solution for remote execution on Windows. See Using WinRS.
There are hacks to allow RDP to execute something remotely (eg. Can RDP clients launch remote applications and not desktops), they are hacks. RDP does not have remote execution facilities.
If you want a Linux client, then install an SSH server on your Windows images. If you're brave you could give OpenWSMAN a shot, but frankly I'd stick to ssh.
I want to collate EventLogs from different machines onto one machine. Is there any way that this can be done non-programatically using Windows XP?
I think that there is no automatic way to do that provided by system. You could use Remote Desktop or SSH to access machines, but You will have to connect and retrieve logs from every machine manually.
Of course You can make your own program to do this for You.
I have a windows server 2003 up in the internet.
But sometime I need to restart it.
After restart, I want one of the applications to run.
I want to do this all programatically.
I can now remotely restart the server.
But the question is how can I ask that piece of software to be executed (more precisely, I want to execute a .BAT file to ask a tomcat to run)?
Because I don't want to manually log in to the machine and start that application. That is time consuming. Is there any possible way, once the machine is started, my application will be run as well?
If you're developing an application that should always be running on the server, you probably need to implement it as a Windows service. For C#, see the classes in the System.ServiceProcess namespace -- you will need to inherit from ServiceBase.
Alternatively, you can set the program to be run as a scheduled task on boot. See the Task Scheduler API to do this.
You can install Cygwin and then do it the same way we'd do it on a Linux box: via ssh, using keys.
OpenSSH is not part of the default Cygwin install, so be sure to select it. It's in the Net category.
Then, after you've installed Cygwin and sshd, read /usr/share/doc/Cygwin/openssh.README to learn how to set up sshd as a service, so it will answer requests automatically, without you having to start the ssh daemon manually.
Finally, set up keys, as described in the link above.
Part of the ssh protocol is a way to ask a remote machine to launch a program. Setting it up with keys lets you do it without needing a password.
You could try xCmd, which is a freeware app to run a command on a remote machine.