PSExec does not show output of the started child process (local machine) - windows

We are in the need of spawning processes from session 0 isolation to a logged in user in session 1.
This task is done by using psexec, this happens entirely on the same machine, but I am unable to get the output of the child process to be displayed in psexec. Since this runs on a build-server I don't want to redirect output to a file, etc
Here is a sample call which does not work:
C:\>PsExec.exe cmd.exe -i 1 -u user -p pwd /C echo foo
The result shows nowhere any "foo"
PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
cmd.exe exited with error code 0.
One thing that works, but is currently useless is to ommit -i and add \\localhost:
C:\>PsExec.exe \\localhost cmd.exe /C echo foo
returns:
PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
foo
cmd.exe exited on localhost with error code 0.
But when I specify session 1, it breaks. This:
C:\>PsExec.exe cmd.exe -i 1 -u user -p pwd \\localhost /C echo foo
again shows no foo for me.
Again: The intention is not to tee or redirect echo foo into some file and then perform type myfile.log as a second step but to receive the output in the original psexec.
We are bound to session 1 as we need a Direct 3D context, having the service configured with "Allow interacting with the desktop" does not help here.

I don't think that what you are asking is possible. psexec -i runs the process interactively on the remote machine, so everything including the console I/O happens in the respective session on the remote machine.
The -i behavior does in fact make sense. Suppose for example that you ran a batch file which required user input e.g. had a pause or set /p. With -i that input would need to be entered on the target machine, not on the machine where you run psexec. Similarly, the output goes (only) to the remote machine.
The other part of your question is the difference between psexec \\localhost and psexec without a computer name at all. This one appears to be an undocumented psexec quirk, which has been noticed and reported before, for example (with a bit of reading between the lines) at Redirect output of process started locally with PSExec.

Related

Regarding -i option usage of psexec

I was successfully running psexec to open application on remote PC using the following command:
psexec -s -i 1 \\135.20.230.160 -u administrator -p force calc
But suddenly today I found that 'calc' is not opening in the remote machine. Instead it is just running on the process list in task manager.
After some experiments when I changed '-i 1' to '-i 2' I found it working again.
Can anyone explain why this happened and how can I decide that the session number needs to be changed?
I need to build automation script for different users, so this is important to resolve.
Thanks.
You can use tasklist to display all tasks and see what session they are currently running on under the session# section.
The Psexec -i is asking for the session you would like to use.
Therefore as users log in to the machine the session numbers can be anywhere from 0 and up. To find out use tasklist with and check a process you know is running and view its session number.

How to prevent PuTTY shell from auto-exit after executing command from batch file in Windows?

I have written a batch file like this:
Start putty.exe -ssh 172.17.0.52 -l root -m dummy.txt
Then in dummy.text I have written this command:
avahi-daemon --no-drop-root -D
export XVHMI_USERCONFIG_PATH=/home/UserProfileConfig
export XDG_RUNTIME_DIR=/tmp
cd /opt/bosch/airis/bin
When I run the .bat file, PuTTY starts, commands execute (hopefully, not sure) and it exits.
How to keep that window open?
I have googled for the same, but no solid help. I read on stack overflow itself that we need to define something in txt file, but what and most importantly how?
The SSH session closes (and PuTTY with it) as soon as the command finishes. Normally the "command" is shell. As you have overridden this default "command" and yet you want to run the shell nevertheless, you have to explicitly execute the shell yourself:
avahi-daemon ... ; /bin/bash
Also as use of -m switch implies a non-interactive terminal, you probably want to force an interactive terminal back using -t switch.
Though, I'm not really sure if you want to execute shell or if you just want to see your command output. If the latter, did you consider using plink? It's console terminal client from PuTTY package. Being console application, it inherits console of parent batch file, and you can pause the batch console from closing using pause command, if needed.
Another option (both for PuTTY and plink) is to pause on remote side. E.g. Using read command.
avahi-daemon ... ; read
As suggested by Martin I tried this step:
putty.exe -ssh 172.17.0.52 -l root -m dummy.txt -t
added /bin/bash at the end of commands in dummy.txt
It worked for me. Please note, you have to follow both the steps as mentioned above.
This way you can keep the session alive and can manually execute further commands.

Can't get appengine:devserver_stop to work on Windows 2012 server

On my Windows 2012 server, I can run "mvn appengine:devserver_start" without any problems. When I run "mvn appengine:devserver_stop", it says "Stopping the development server" then "BUILD SUCCESS" but the process remains running and I have to kill it manually. Can't seem to find much information on these two goals (they're still pretty new) so wondering if this is a known issue or if it's something on my server.
I've tried both from TeamCity and running from the command line directly (with and without admin privileges).
Hey you can stop it using command line prompt.
get the PID using command
C:\netstat -a -n -o
and stop the process by another command
C:\Taskkill /PID <2004> /F
Full description with output is here.

Running remotely Linux script from Windows and get execution result code

I have the current scenario to deal with:
I have to schedule the backup of my company's Linux-based server (under Suse Linux) with ARCServe R15 (installed on Windows 2003R2SP2).
I know I have the ability in my backup software (ARCServe) to add pre/post execution scripts to my backup-jobs.
If failure of the script, ARCServe would be specified NOT to run the backup-job, and if success, specified to be run. I have no problem with this.
The problem is, I want to make a windows script (to be launched by ARCServe) for executing a Linux script on the cluster:
- If this Linux-script fails, I want my windows-script to fail, so my backup job in ARCServe wouldn't run
- If the Linux-script success, I want my windows-script to end normally with error code 0, so my ARCServe job would run normally.
I've tried creating this batch file (let's call it HPC.bat):
echo ON
start /wait "C:\Program Files\PUTTY\plink.exe" -v -l root -i "C:\IST\admin\scripts\HPC\pri.ppk" [cluster_name] /appli/admin/backup_admin
exit %errorlevel%
If I manually launch this .bat by double-clicking on it, or launching it in a command prompt under Windows, it executes normally and then ends.
If I make it being launched by ARCServe, the script seems never to end.
My job stays in "waiting" status, it seems the execution code of the linux script isn't returned to my batch file, and this one doesn't close.
In my mind, what's happening is plink just opens the connection to the Linux, send the sript execution signal, and then close the connection, so the execution code can't be returned to the batch. Am I right ?
Is what I want to do possible or am I trying something impossible to do ?
So, do I have to proceed differently ?
Do I have to use PUTTY or CygWin instead of plink ?
Please, it's giving me headaches ...
If you install Cygwin, you could do it exactly like you can do it on Linux to Linux, i.e. remotely run a command with ssh someuser#remoteserver.com somecommand
This command will return with the same return code on the calling client, as the command exited with on the remote end. If you use SSH shared keys for authentication instead of passwords, it can also be scripted without user interaction.

How do I shutdown, restart, or log off Windows via a bat file?

I've been using Remote Desktop Connection to get into a workstation. But in this environment, I cannot use the power options in Start Menu. I need an alternative way to shutdown or restart.
How do I control my computer's power state through the command line?
The most common ways to use the shutdown command are:
shutdown -s — Shuts down.
shutdown -r — Restarts.
shutdown -l — Logs off.
shutdown -h — Hibernates.
Note: There is a common pitfall wherein users think -h means "help" (which it does for every other command-line program... except shutdown.exe, where it means "hibernate"). They then run shutdown -h and accidentally turn off their computers. Watch out for that.
shutdown -i — "Interactive mode". Instead of performing an action, it displays a GUI dialog.
shutdown -a — Aborts a previous shutdown command.
The commands above can be combined with these additional options:
-f — Forces programs to exit. Prevents the shutdown process from getting stuck.
-t <seconds> — Sets the time until shutdown. Use -t 0 to shutdown immediately.
-c <message> — Adds a shutdown message. The message will end up in the Event Log.
-y — Forces a "yes" answer to all shutdown queries.
Note: This option is not documented in any official documentation. It was discovered by these StackOverflow users.
I want to make sure some other really good answers are also mentioned along with this one. Here they are in no particular order.
The -f option from JosephStyons
Using rundll32 from VonC
The Run box from Dean
Remote shutdown from Kip
If you are on a remote machine, you may also want to add the -f option to force the reboot. Otherwise your session may close and a stubborn app can hang the system.
I use this whenever I want to force an immediate reboot:
shutdown -t 0 -r -f
For a more friendly "give them some time" option, you can use this:
shutdown -t 30 -r
As you can see in the comments, the -f is implied by the timeout.
Brutus 2006 is a utility that provides a GUI for these options.
No one has mentioned -m option for remote shutdown:
shutdown -r -f -m \\machinename
Also:
The -r parameter causes a reboot (which is usually what you want on a remote machine, since physically starting it might be difficult).
The -f parameter option forces the reboot.
You must have appropriate privileges to shut down the remote machine, of course.
Original answer: Oct. 2008
You also got all the "rundll32.exe shell32.dll" serie:
(see update below)
rundll32.exe user.exe,**ExitWindows** [Fast Shutdown of Windows]
rundll32.exe user.exe,**ExitWindowsExec** [Restart Windows]
rundll32.exe shell32.dll,SHExitWindowsEx n
where n stands for:
0 - LOGOFF
1 - SHUTDOWN
2 - REBOOT
4 - FORCE
8 - POWEROFF
(can be combined -> 6 = 2+4 FORCE REBOOT)
Update April 2015 (6+ years later):
1800 INFORMATION kindly points out in the comments:
Don't use rundll32.exe for this purpose. It expects that the function you passed on the command line has a very specific method signature - it doesn't match the method signature of ExitWindows.
Raymond CHEN wrote:
in 2004 "What can go wrong when you mismatch the calling convention?":
The function signature required for functions called by rundll32.exe is:
void CALLBACK ExitWindowsEx(HWND hwnd, HINSTANCE hinst,
LPSTR pszCmdLine, int nCmdShow);
That hasn't stopped people from using rundll32 to call random functions that weren't designed to be called by rundll32, like user32 LockWorkStation or user32 ExitWindowsEx.
(oops)
The actual function signature for ExitWindowsEx is:
BOOL WINAPI ExitWindowsEx(UINT uFlags, DWORD dwReserved);
in 2011: "Throwing garbage on the sidewalk: The sad history of the rundll32 program"
And to make it crystal-clear:
in 2013 "What's the guidance on when to use rundll32? Easy: Don't use it":
Rundll32 is a leftover from Windows 95, and it has been deprecated since at least Windows Vista because it violates a lot of modern engineering guidelines.
Another small tip: when going the batch file route, I like to be able to abort it in case I run it accidentally. So the batch file invokes the shutdown but leaves you at the command prompt afterwards.
#echo off
echo Shutting down in 10 seconds. Please type "shutdown /a" to abort.
cmd.exe /K shutdown /f /t 10 /r
Plus, since it's on a timer, you get about the same thrill as you do when hunting in The Oregon Trail.
When remoted into a machine (target is Windows XP anyway; I am not sure about target Windows Vista), although Shutdown on the start menu is replaced by Disconnect Session or something like that, there should be one called 'Windows Security' which also does the same thing as Ctrl + Alt + End as pointed to by Owen.
You're probably aware of this, but just in case: it's much easier to just type shutdown -r (or whatever command you like) into the "Run" box and hit enter.
Saves leaving batch files lying around everywhere.
I'm late to the party, but did not see this answer yet.
When you don't want to use a batch file or type the command. You can just set focus to the desktop and then use Alt + F4.
Windows will ask you what you want to do, select shutdown or restart.
For screenshots and even a video, see: https://tinkertry.com/how-to-shutdown-or-restart-windows-over-rdp
I would write this in Notepad or WordPad for a basic logoff command:
#echo off
shutdown -l
This is basically the same as clicking start and logoff manually, but it is just slightly faster if you have the batch file ready.
Some additions to the shutdown and rundll32.exe shell32.dll,SHExitWindowsEx n commands.
LOGOFF - allows you to logoff user by sessionid or session name
PSShutdown - requires a download from windows sysinternals.
bootim.exe - windows 10/8 shutdown iu
change/chglogon - prevents new users to login or take another session
NET SESSION /DELETE - ends a session for user
wusa /forcerestart /quiet - windows update manager but also can restart the machine
tsdiscon - disconnects you
rdpinit - logs you out , though I cant find any documentation at the moment

Resources