I am trying to start an application as a Windows service and that application is designed to modify files and uses network connection too. I have an Administrator account, called 'admin', which can not see local driver, nor network ones. I have tested the following command with PsExec as 'admin' user in session 0:
fsutils fsinfo drives
The output listed all the drives, but I can not use them at all. Even the 'mkdir', 'cd' basic commands does not work, because the commands can not be found.
The who am I command executed too:
whoami /all
There is no entry for using drives. Could you tell me what settings are necessary to use the network and local drives in session 0 with 'admin' account?
Related
I believe this not the case i.e. being root in WSL 2 gives no admin privileges on the Windows system though I would love to have confirmation.
You can do a test.My computer was shut down and the administrator confirmed that I could not test it. It is not possible to modify the host file directly, you can modify the host file directly from root in WSL to confirm whether it has permissions.
C:\Windows\System32\drivers\etc\hosts
I have a batch file with various commands. I am transferring the batch file to a remote PC and running the file. Now I need to run a few of the commands in the batch file as an administrator but I cannot go to the remote PC to enter any password or click on any prompt.
My batch file includes the following commands:
1. winrm quickconfig -force
2. winrm set winrm/config/service/auth #{Basic="true"}
3. winrm set winrm/config/service #{AllowUnencrypted="true"}
Now the commands 2 and 3 needs to be run as an administrator. I have the admin password. Is there any command arguments like
"command" /runas /user:admin /pass:password /noprompt
Using only /runas still gives you a prompt and there is no option in runas /? that can disable it. I need a solution where I don't have to press Yes on the UAC prompt since the file will run on a remote system.
Edit: Would like to give more context. So the task is to automate the process of running configuration script on remote machine once windows is installed on it. There would be approximately 100 machines and going on each system and enabling the winrm service is not feasible. And in order to run the script remotely on the target machine, I need to enable and then make changes to the winrm service (needs admin privileges). I cannot make changes to the network. I am able to enable winrm service but making changes to winrm service requires running those commands as admin. And I cannot click on any prompt since I cannot go to the remote machine. So any advice in this regards would be helpful. I'm not trying to bypass any process. I have the admin credentials. Just trying to find the correct commands and arguments to help me achieve this.
I have gone through various links on SO regarding RDP to a windows machine but still can't understand how to execute for test, ipconfig command on remote machine and gather the results in a text file.
I can't get beyond Mstsc which creates the gui and asks for password and username.
I have been attempting to automate the installation of one of my applications but have run into a few roadblocks and I really need some help.
Currently we are using Dell's KACE technology to push the installer to the local machines. The installer is run as the SYSTEM user meaning it does not and can not have direct access to network shares (relevant later).
The application installation workflow is as follows:
Stop Local Security Services to allow software install
Remove anything mapped to drive letter X
Map network drive X \test\test
TestApp.exe /s
msiexec /i Test.msi /quiet
Start Local Security Services to allow software install
copy shortcut file to desktop
The installation itself has 1 Executable and 1 MSI that have to be run. The EXE installs a mainframe application. The MSI file installs a few files locally and then registers 6 DLL files located on that mapped drive.
This is where the issue comes in - Because those files MUST be on that share drive and the installer is running as SYSTEM -> The System account account can't access the mapped drive to register the files so the installation fails.
I am further limited by the fact that I can't simply store a username/password in plaintext in the batch file.
Here is my code so far:
REM Stopping McAfee Services
echo Stopping McAfee Services.
net stop mcshield
net stop mcafeeframework
REM Map Network Drive
echo Mapping Network Drive
net use X: /delete /y
net use X: \\test\test
(Here is where I need help - Is there a way to force a username/password prompt here for the user? I basically just want the user to authenticate to the X drive mapping, which will allow the installation to move forward)
echo Starting Test 1 Installation
Test1.exe /s /v"/qb"
echo Starting Test 2 Installation
msiexec /i Test2.msi /quiet
(If the drive has not been mapped by this point, the installation fails as the SYSTEM account can't access the drive)
echo.
REM Restarting Mcafee Services
echo Starting McAfee Services.
net start mcshield
net start mcafeeframework
echo.
REM Copy Shortcut
xcopy "shortcut\*" "C:\Users\public\desktop"
Alternatively,
Could/should I convert this to a PS script? I know PS is more powerful than batch, but wasn't sure how to go about it.
If by forcing authentication prompt, you mean something that will need human input (and you aren't running this script remotely), then this line should interact with existing login session and ask for credentials:
start explorer \\test\test
echo After you have entered network credentials
pause
Once user enters valid ones, the remaining script can continue
net use X: \\test\test
After toying with ideas about this problem for a couple of weeks I decided to take a new approach.
I created a new batch file using a simple NET USE and passed the credentials of a service account w/ access to the network share in plain text. Next, I compiled the batch into an executable. It's not the most elegant solution out there I'm sure, but it's sufficient for our needs currently.
Thanks for the help everyone!
Step 1). log into local windows xp (sp3) machine as system account
Step 2). execute psexec test as follows on remote xp (sp3) machine
psexec \\nnn.nnn.nnn.nnn ipconfig /all
RESULT:
Couldn't access nnn.nnn.nnn.nnn
Access is denied.
Question: Why?
I am logged on as windows System user, the system user is all powerfull
i should be able to do anything, with no access restrictions at all
This doesnt work either
psexec \\nnn.nnn.nnn.nnn -s ipconfig /all
why doesnt being logged onto a local xp machine as SYSTEM give me the power to run
anything on a remote machine?
The SYSTEM account is all powerfull when it comes to the local system, but not on remote systems. Use -u to specify a username...