I have a requirement where i need to delete the contents of the temp folder on number of remote windows machines.
i tried below wmic command to delete
WMIC /node:...** /user:xxxx /password:xxxx path cim_datafile WHERE "path='%Winddir%\temp*.tmp' AND Extension ='tmp'" delete**
But it throws an error saying
ERROR:
Description = The RPC server is unavailable.
Please suggest me a way to delete temp folder contents on remote machine.
Most simple way - if you're not strictly forced to use WMI, you can do that with psexec:
PsExec.exe \\<computer> cmd /c "rmdir /s /q %windir%\temp\"
or, if you're not logged into domain admin or global workstations admin account -
PsExec.exe -u <user> -p <password> \\<computer> cmd /c "rmdir /s /q %windir%\temp\"
If should not completely delete the folder since Windows keeps some files open and locked inside it, but anything not read-only or locked would be deleted, both files and folders.
Then, to do this with a list of computers, just use a cmd file like this (list.txt contains just computer names/ips, without \:
for /F %%s in (list.txt) do (
echo %%s
start "" /min PsExec.exe \\%%s cmd /c "rmdir /s /q %windir%\temp\"
)
Start command makes all psexec processes run in parallel and minimized so you don't have to wait for each computer to finish before starting another
psexec.exe is a part of sysinternals package from M. Russinovich, I'd like to leave a direct link but don't know if it's permitted or not.
I think it should be able to connect to remote pcs if you have access to file shares and remote computer management (and admin rights of course)
Related
My BAT file (below) runs perfectly when I run it from an elevated command prompt or Right-Click -> Run as Administrator. However, when I put it in my Windows 10 Task Scheduler, it will not run.
What I've tried:
-- Security Options of the task: I've tried both SYSTEM and a domain admin account.
-- I select "Run with Highest Privileges."
-- I have Selected "Windows 10" in the "Configure For:" dropdown.
-- In the EDIT ACTION window, I have specified the location (c:\script) of the BAT file in "Start in (optional)" section
-- In "Program/Script” I have tried "C:\scripts\script.bat" (without the quotes). I have tried listing just “script.bat" (without the quotes). And, I have also tried ".\script.bat" (without the quotes).
-- I have created the extra lines in the BAT file to copy the file from the System32 directory to another (less secure) location before trying to copy it to the network drive. (I feel like this is unnecessary, and it didn't seem to help with the overall problem.)
*******************BEGIN BAT FILE******************
#Echo off
REM (maps network drive)
NET use Z: \\SERVER\PATH
REM (copies any archived security event viewer logs to the network)
IF EXIST "%SystemRoot%\System32\Winevt\Logs\Archive-Securit*.evtx" (
xcopy "%SystemRoot%\System32\Winevt\Logs\Archive-Securit*.evtx" c:\test\ /Y
xcopy "c:\test\Archive-Securit*.evtx" \\SERVER\PATH\%computername% /Y
REM (deletes files on the local machine after the files are verified to be on the network share)
FORFILES /p "Z:\PATH\%computername%" /c "cmd /c del %SystemRoot%\System32\Winevt\Logs\#file"
FORFILES /p "Z:\PATH\%computername%" /c "cmd /c del c:\test\#file"
) ELSE (
REM Do nothing
)
******************END BAT FILE***************
I figured out my problem. Group Policy had Domain Admins in the Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> User Rights Assignment -> "Deny logon as a batch job."
After removing Domain Admins from this listing and running gpupdate on the machine, I was able to successfully run the BAT in the Task Scheduler (Assuming I had the domain admin user listed in the Security Options of the task).
I have a batch script in Windows7 to update the hosts file that fails.
I am logged as a user with administrative rights.
Even if I run the script with the "Run as administrator" option I get Access denied. 0 files copied when executing this part of the script:
for /f "tokens=1-2 delims=:" %%a in ('ipconfig^|find "IPv4"') do set ip=%%b
set ip=%ip:~1%
REM create changing part of hosts file...
if exist %temp%\temp.txt del %temp%\temp.txt
echo %ip% myproxy >> %temp%\temp.txt
REM check this...
set hostpath=C:\WINDOWS\system32\drivers\etc
REM add static part of hosts file
type "%hostpath%\hosts-static" >> %temp%\temp.txt
REM replace hosts file
copy /y %temp%\temp.txt "%hostpath%\hosts"
ipconfig /flushdns
netsh interface IP delete arpcache
pause
I also tried to create a shortcut and set the "Advanced -> Run as Administrator" option but no luck.
If I open a cmd shell as Administrator and then run the script from there everything works fine, but no way of running it directly double-clicking on the file (or its link).
Any idea?
EDIT:
added the whole script.
I tried creating a shortcut for the following command to execute as Administrator
C:\Windows\System32\cmd.exe /c script.bat
and it is also failing.
From the same shortcut (without arguments) I can open a window where I can execute the batch correctly. I really cannot see why.
Obviously a late response, but just solved this issue with a very straightforward solution so I thought I'd share:
Using ICACLS you can modify access control lists (ACLs) to bypass access denied errors.
Run the following command:
ICACLS C:\path\to\batch\file\directory\* /C
the parameter /C tells the batch file to bypass access denied errors. Cheers.
Try attrib -r -s -h -a "%hostpath%\hosts" before your copy command. If any file is attributed +r, +s, or +h, you'll get "Access is denied" if you try to overwrite it using copy.
In the building system I use some script that copies files from a network drive to the Hudson's workspace by using SMB. Then performs decompression it and deletes the old files.
net use \\NET_DRIVE\ipc$ /user:admin password
robocopy \\NET_DRIVE\SharedFolder/ C:\Users\user\.hudson\jobs\ais\workspace vendor.7z>nul
net use \\NET_DRIVE\ipc$ /D
cd "C:\Users\user\.hudson\jobs\ais\workspace">nul
rd /s /q "C:\Users\user\.hudson\jobs\ais\workspace\vendor\">nul
7za x vendor.7z>nul
del vendor.7z>nul
When I execute this script from Windows command line, everything works and I get my archive. But when I use it in the pipeline, I get error 1326:
Logon failure: unknown user name or bad password
I added the remote domain to the script so that the Windows had not invoked a local account, but it didn't help. I decided to run the command which mount network drive "manually":
net use \\NET_DRIVE\ipc$ /user:admin password /persistent:yes
Then the script a little bit reduced and became working:
robocopy \\NET_DRIVE\SharedFolder/ C:\Users\user\.hudson\jobs\ais\workspace vendor.7z>nul
rd /s /q "C:\Users\user\.hudson\jobs\ais\workspace\vendor\">nul
7za x vendor.7z>nul
del vendor.7z>nul
But I would like to be able to mount SMB-shares from the Hudson's job. How to do it?
Hudson's/ Jenkin's service or servlet- container where it deployed should be run with administrator's privileges.
I just installed the new LibreOffice version, but it failed because it couldn't delete the program folder in "C:\Program Files (x86)\LibreOffice 5", so I tried removing it with the Explorer and admin CMD, didn't work. Then I opened a System command prompt with psExec -i -s cmd and tried some commands on the folder:
rd /s program
takeown /r /f program
icacls program
Every command failed with "Access denied", so how do I remove it? I know that I could just ignore the windows permission system with a Linux distribution, but that's too much effort just for removing a folder.
I would suggest using the windows uninstall tool. If for some reason you can't do that try open cmd as admin and then type rd C:\Program Files (x86)\LibreOffice 5
The goal is to delete the temporary internet files on a remote computer.
start psexec -u domain\username -p password -s \\xxx.xxx.xxx.xxx
cmd cd C:\Documents and Settings\USERACCOUNT\Local Settings\Temporary Internet Files
Which is connecting to the remote computer but just opening to c:windows\system. I am then able to cd to that directory and use del /f /s /q *.* to delete all the problem files.
I tried using psexec \\computer cmd /c del fileName but had even less luck with that.
Why bother cd'ing to directory first? This should work:
psexec \\1.2.3.4 -u "domain\username" -p "password" cmd /c del /f /s /q "C:\Document and Settings\USERACCOUNT\Local Settings\Temporary Internet Files"
I finally got it to work using
psexec -u domain\user -p password \\xxx.xxx.xxx.xxx -s cmd /c rd "C:\Documents and Settings\%USERACCOUNT%\Local Settings\Temporary Internet Files\Content.IE5\" /s /q
which connects to the remote server, goes straight to the directory I want and proceeds to delete the particular temp internet files folder that's causing issues without bothering me at all.
Your command is okay but missing the server name
psexec \\\servername -u ...
Use the below command to create a directory in remote location.
psexec \\\IPAddress -u username -p Password cmd /c mkdir c:\testfolder