I'm connecting to a windows machine over SSH and would like to launch a GUI app in an existing interactive session.
This should work using psexec -i, but it fails for me in various ways:
psexec -i 1 notepad.exe: notepad crashes without showing UI
psexec -i 1 cmd.exe: I get a black box the size of a cmd.exe window, it never renders. If I look at the window title with "alt-tab", it does say this is an [Administrator] process which is not what I expected.
psexec -i 1 <path to vscode>, it launches successfully but then raises a number of errors related to credential storage.
psexec -s -i 1 cmd.exe: this launches fine, but the process is running as nt authority\system, which is not what I want.
psexec -i 1 -u my_user -p my_pwd <path to vscode>: this works fine, but I can't require passwords and want to use ssh key-based auth instead.
I've seen a ton of questions/answers where it looks like '-i' works for people so I'm not sure what's going wrong here. Any ideas?
It could be due to incorrect session id.
Can you check if the session id is correct, by navigating to users tab in the task manager
Screenshot of Session ID Screen
Related
I am launching a locally installed executable automated gui program that uses pyautogui on ansible hosts running windows. I use the ansible powershell module (ansible.windows.win_powershell) to run the following command on all of my hosts: psexec -i 1 -d my_prog.exe when I run this command it runs most of the way through but when it requires pyautogui, it simply stops without even throwing an error. If I add -s so I'm now calling this: psexec -i 1 -s -d my_prog.exe it almost works, except launching the exe as admin (which is what adding the -s does) makes it so my program no longer recognizes the microphone, which it did before, and I need the microphone for my program to run properly. Psexec is necessary as I have found no other way to launch GUI apps on windows machines over ansible. My biggest concern is that I am unable to see the microphone when running the script as admin, because when not in admin mode, the program does in fact recognize the microphone.
I need to run remotely GUI Desktop App when connected through SSH.
Is this even achievable? When I try to run app(any GUI) it just hangs there and does nothing.
I need to explicitly make this work with SSH.
For anyone wondering how to run GUI applications using psexec, this is the solution:
psexec64 is located in C:\Windows
psexec64 -accepteula -nobanner \\SERVER.company.co -u DOMAIN\user -p password -h -i 2 C:\\Windows\notepad.exe
Note: You can run any exe on the server, as well as you can run locally,
also if you need to run it from linux here is solution:
First install winexe: https://sourceforge.net/projects/winexe/ - google for installing from cli
winexe -U DOMAIN/user%password //SERVER.company.co "psexec64 -u DOMAIN\user-p password -accepteula -nobanner -h -i 2 C:\Windows\notepad.exe"
Hopefully this will help someone
I have an interesting dilemma with PuTTY PSFTP.
Set up...
Pageant .60
putty .60
Used command:
D:\psftp.exe -load myserver.domain.us.com -l User1 -b MyCommand Script
This loads PuTTY PSFTP, logs in using the user ID with the help of Pageant and then sends a file using commands in the script.
This works great while logged in as an Admin on the server.
It fails while logged in as a regular user on the server:
"psftp: no hostname specified;"blah blah blah.
Including -v reveals no further messages.
What possible delta could there be with permissions or other settings between a server Admin and regular user when it comes to PuTTY?
You load PuTTY stored site myserver.domain.us.com.
That is stored in Windows registry of the local account.
If you run the script using a different account, it won't see the site definition.
You have to define the session completely on command line. What you probably even attempted.
Remove the -load;
Add -ssh to make it clear you want to use SSH (but it's default anyway)
Add -hostkey=... with a fingerprint of the SSH host key (you need the latest version of PuTTY for the -hostkey switch, but you need to upgrade anyway, the version 0.60 is not secure).
D:\psftp.exe -ssh myserver.domain.us.com -hostkey=... -l User1 -b MyCommand Script
I'm attempting to force a VM to log the current user out and send the session to the console via running a .bat script.
I can get this working if I manually run a .bat file on the VM which contains the following:
%windir%\System32\tscon.exe 0 /dest:console
However, when using psexec or paexec to call the same .bat:
c:\>psexec.exe \\virtualmachine -u domain\username -p password -h cmd /c
c:\user\atest\desktop\test.bat
I get an access denied:
Could not connect sessionID 0 to session name console, Error code 5
Error [5]:Access is denied. C:\windows\system32\tscon.exe exited on
virtualmachine with error code 1.
Alternatively, I've tried (same result):
C:\>PsExec.exe \\virtualmachine -u domain\username -p password -h
C:\windows\system32\tscon.exe 0 /dest:console
I'm not sure where I'm going wrong, because this starts iexplore.exe fine:
C:\>PsExec.exe \\virtualmachine -u domain\username -p password -h "c:\program files\internet explorer\iexplore.exe"
The problem was because the user was connected via RDP, it was not session 0. I had to run "query user" to get the session ID of the RDP connection, then pass that into PsExec using "-i" like so:
C:\>PsExec.exe -s -i $id \\virtualmachine c:\windows\system32\tscon.exe $id /dest:console
Because this is running as system (-s) I didn't need to pass in any authentication.
This answer helped me with the concept of sessions, hope it helps someone else.
I had a batch file that worked for years ending a RDP session and leaving the host screen unlocked, it had conditions for sessionid's 0 through 10 just in case. Then this week after a windows update loaded it stopped working and I kept getting 7045 errors in the results of the batch file. The RDP session would close but the host machines screen was locked. The host machine runs a message board so this was not acceptable and the machine is mounted to the ceiling so no mouse or keyboard is possible.
I searched a ton and found nothing that worked more than once if it worked at all. Then I found this by chance, and when I ran this power shell command my problem was solved. It works great so far and better yet you don't have to know the sessionID or name, or pass a password in a text or batch file.
#powershell -NoProfile -ExecutionPolicy unrestricted -Command "$sessionid=((quser $env:USERNAME | select -Skip 1) -split '\s+')[2]; tscon $sessionid /dest:console" 2> UnlockErrors.log
Just copy the script into a text file, rename it something.cmd then create a shortcut to it on the hosts desktop and go to the properties and select advanced and have it run as administrator. Easy. Works on win7 pro. I found the script here https://steamcommunity.com/groups/homestream/discussions/0/617335934139051123/?ctp=5
I also faced the same issue with the following command
Command – tscon SessionID /dest:console /password: ****
Resolution: I worked a lot and finally got to know the issue is with password. i.e. the password length should not be greater than 13 characters. But in this case password = 20 characters.
Later I changed the password to ****(12 characters) and issue got resolved.
If you are not a local administrator of the VM, you won't be able to do this. The session I was logged-in with was not a local admin, but when running the shortcut "as an administrator", I tried using another account that was a local admin (when prompted). However, this doesn't work. The account you are moving to the console session is the one you are logged-in with, but if you use a different account for the shortcut elevation, TSCON will try using that account instead.
Ok here's an interesting problem I've run into. I'm attempting to reboot some computers remotely using psshutdown and getting access denied errors unless I run the cmd from a cmd prompt that was run as admin. I myself am an admin on my machine as well as on the remote computer so my credentials should work just fine.
Example code:
psshutdown /accepteula \\COMPUTER.DOMAIN.COM -u DOMAIN\USER -p Password -r -t 0
Example output:
Could not start PsShutdown service on COMPUTER.DOMAIN.COM:
Access is denied.
However when run from admin cmd window:
COMPUTER.DOMAIN.COM is scheduled to reboot in 00:00:00.
As kludge-y as it seems, is it possible to use psexec to run psshutdown as an elevated user?
After running around in circles with this I ended up using:
runas /netonly /user:DOMAIN\USERNAME "shutdown -m \\XXX.XXX.XXX.XXX -r -f -t 0"
Which isn't ideal but got the job done.
Ok, try this. It will open an external window where you can remotely shutdown computers on your network:
shutdown -i
You can type this straight into the CMD window without needing to create a .bat file.
Hope this helps!