I have created a self-hosted agent machine in an interactive mode (Windows 10) to run the unit tests. To disconnect from the Remote Desktop Connections while Running Automated Tests I am executing the below command from a command-line task (from Azure DevOps). This is working fine when the user logged into the agent machine. But getting an error If there is no user logged into that agent machine.
Is this expected behavior? Can we bypass this?
%windir%\System32\tscon.exe 1 /dest:console
Error:
Could not connect sessionID 1 to sessionname console, Error code 7045
Error [7045]: The requested session access is denied.
I tried with the other options as well like creating a batch file with the below code and executing it while running the pipeline.
This one is also giving the same error
for /f "skip=1 tokens=3" %%s in ('query user %USERNAME%') do (
%windir%\System32\tscon.exe %%s /dest:console
)
Command query user %USERNAME% will return the session even if the user is not currently logged in.
You can run command query user ^| find "Active" to query the active login users only.
See below:
for /f "tokens=3" %%s in ('query user ^| find "Active" ') do (
%windir%\System32\tscon.exe %%s /dest:console
)
Related
I have an openvpn server running on a windows 10 host. The openvpn server config has a parameter -auth-user-pass-verify which allows you to specify a script that will receive a login username and password in the form of a temporary file.
In the .bat file I capture the username and pass as follows
set /A count=0
for /F "tokens=*" %%A in (%~1) do (
if !count!==1 (
set password=%%A
set /A count=2
)
if !count!==0 (
set username=%%A
set /A count=1
)
)
This part works and is verified, both when the script is run by myself and when it is called by openvpn. I then call an external .exe to verify the password.
for /f %%i in ('c:\"Program Files"\OpenVPN\config\foo\foo.exe %password%') do set RESULT=%%i
Now this last parts works when I call the .bat from command prompt myself, but it fails when the .bat is run by openvpn -- nothing is written to "RESULT". I don't even know if the exe is being called at all.
I have tried openvpn server with admin privileges. I have tried --script-security 2 and 3. Openvpn documentation says it calls the script "as a shell command" for what it's worth.
Try this:
for /f %%i in ('"c:\Program Files\OpenVPN\config\foo\foo.exe" %password%') do set RESULT=%%i
When running command prompt in Standard user account echo %userprofile% command shows current user name but when run as administrator it will shows admin user name.
How can i get current standard user name even the command prompt in run as administrator mode? What ShellCommand is used for this?
I found the solution.
for /f "tokens=2" %u in ('query session ^| findstr /R "^>"') do #echo %u
It works.
I am in the process of creating a script a user would run on their local machine to install an application by running msiexec. Unfortunately the install will fail if the user does not have to correct privileges.
msiexec does write to a log and will tell me that it's failed due to permissions but I do not find this to be a very elegant solution.
How can I find out locally from a Windows command line whether or not they can install applications?
I believe that there are policy settings which can allow a non admin user to run an msi, so you may need to incorporate that with an admin check just in case they are set.
#Echo Off
"%__APPDIR__%net.exe" Session >Nul 2>&1 && GoTo Success
Set "RKey=HKCU HKLM"
Set "SKey=SOFTWARE\Policies\Microsoft\Windows\Installer"
Set "KVal=AlwaysInstallElevated"
Set "KDat=0"
For %%A In (%RKey%) Do For /F "Tokens=3" %%B In (
'"%__APPDIR__%reg.exe" Query "%%A\%SKey%" /V "%KVal%" 2^>Nul'
) Do Set/A KDat+=%%B
If %KDat% NEq 2 Exit/B
:Success
Echo( You can install!
Timeout -1
Just change the code below :Success to run your .msi installer.
We create a bunch of windows Jenkins slaves on Amazon EC2, and make them autologon after they are provisioned.
Once logged on, we use connect the slaves back to master via java web start by execute "ps", with all of this, we can run selenium perfectly with IE except we can't get a higher resolution than 1024*768. We got screenshot, we can see the browser running on the GUI if connected with RDP, just like running on a physical PC.
But a flaw is that, the hover action doesn't work on IE unless we connect to the slave through remote desktop one time before the test starts, just connect once, nothing else, I can even close the RDP session.
I guess something triggered by the RDP connection, just can't figure out what is that.
You can try to adapt your test scripts to have them make an RDP connection before you start your tests, if there is none. This is the code I used for one of our projects to ensure an RDP connection is active:
REM check if user has an RDP session. Will store the session ID of the user in the SESSION variable
call :getsession computername username SESSION
if "%SESSION%" EQU "" (
REM initiate an RDP connection to 'computername', wait, and disconnect by killing the process
mstsc.exe /v:computername & ping -n 5 1.1.1.1 & taskkill /F /IM mstsc.exe
)
REM check again the session
call :getsession computername user SESSION
if %SESSION% NEQ "" (
echo start your tests
)
:getsession
for /F "tokens=1,2,3,4" %%i in ('query session /SERVER:%1 ^| findstr %2') do if %%j EQU %2 (SET %3=%%k) else (SET %3=%%j)
goto :eof
Note that the automatic connection will only be made if you save credentials on the machine from which you start the remote desktop:
cmdkey /generic:computername /user:rdp_username /pass:rdp_password
After executing this once the mstsc.exe will be able to connect to the machine without user interaction.
We have domain users that use a remote instance of an app through RDP. The app is quite buggy, and their session needs reset frequently. I'd like to build a script that uses psexec from the client to reset the session on the server.
psexec \\server -u user -p pass query session
shows all the sessions
psexec \\server -u user -p pass reset session_id
resets the session based upon the id.
I need a way to reset the session based upon the username, instead of session name or id
Try this combination of commands to get the username and then you can kill the session by id. You will need PsLoggedOn from Windows Sysinternals Here is the a link which explains the commands. How to check who has logged into your system
PSLOGGEDON -L \\remotecomputeror
PSEXEC \\remotecomputer NET CONFIG WORKSTATION | FIND /I " name "
PSEXEC \\remotecomputer NET NAME
PSEXEC \\remotecomputer NETSH DIAG SHOW COMPUTER /V | FIND /i "username"
FOR /F %%A IN ('REG Query \\remotecomputer\HKU ˆ| FINDSTR /R /B /C:"HKEY_USERS\\S-1-5-[0-9][0-9]-[0-9-]*$"') DO (
FOR /F "tokens=3 delims=\" %%B IN ('REG Query "\\remotecomputer\%%A\Volatile Environment"') DO (
SET LoggedinUser=%%B
)
)