scripting languages native to windows for remote users support - windows

I work for a application dev company but I am in the support side of it. I am looking to run scripts on to remote-host (logmein Rescue Technician Pro). Our clients all run windows machines and the oldest OS version we support is XP SP3 and the latest win8. I need a scripting language that is native to windows and doesn't require any download this or unzip that. These scripts are Powershell scripts but as we all know the executionpolicy needs to be set to unrestricted. I need a scripting language that automates mouse clicks and keystrokes like hitting enter on the keyboard or typing words into cmd/Powershell, then hitting enter for example. I am trying to run a script in another language to disable the excutionpolicy in Powershell and then start the powershell scripts from this point. I hope I have explained myself.
UPDATE:
I am bad at what I am trying to explain I guess. I need to run a script to disable ExecutionPolicy on remote users through LOGMEIN RESCUE TECHNICIAN. Logmein has a tab called "SCRIPTS" that automatically startup when you connect to the remote session. The problem is that PowerShell by default is set to executionpolicy restricted. That will not allow my scripts to run and I have to run them manually from my machine, I believe their is a way to just run the scripts and have them out put the results to me without having to pull up the remote users GUI, all the computers are their own independent machines and not on a domain. I need to run the scripts as unrestricted on the remote machine on initiation of the remote session. Thats why I having going around in circles trying to figure this out. I was able to disable powershell from the cmd but i need to hit enter, i need to script the enter key stroke but again i keep running into blocks just run my scripts. I'm annoyed by this now at this point.

You can run a powershell script like so:
powershell -executionpolicy unrestricted -file "C:\Myscript.ps1"
This will not change the global executionpolicy for the whole machine, but just to run that script.

Two options:
1.Stick with PowerShell. When you launch PowerShell, instead of launching from the shortcut, run the following command (either from a cmd prompt, or run command):
powershell.exe -ExecutionPolicy ByPass
This will run PowerShell with the execution mode set to ByPass.
2.Use the old way of scripting that works on all versions of Windows, VB scripts. (although, after using PowerShell, VB scripts are hard to go back to)

I'd honestly go with JScript (or VBScript, but JScript is a much nicer language IMHO), since you don't want to have to install anything on the remote machines. XP doesn't include PowerShell, so you'd have to install it at some point.
WSH (Windows Scripting Host) languages like VBScript and JScript, and PowerShell can all simulate mouse clicks and keystrokes, but if you want one script that will run on all of those platforms out-of-the-box, you'll need to stick with WSH languages.
If you have any control over what gets installed on the remote systems, though, go with PowerShell, or - at very least - make sure that the Windows Scripting Host components are up to date with the latest release available for the platform. I'm not sure whether that would come as part of the typical Windows Updates or not.
Just my $0.02.

Related

From a batch script, how to call explorer.exe to launch an exe with command line arguments [duplicate]

I have an elevated console running some bat files. Having this console running in elevated mode is mandatory for it to be able to perform some tasks like managing network shares, etc without asking for permissions. But sometimes the scripts also have to launch some applications which are not desired to run elevated. So we want our elevated bats to start come application in non-elevated mode. Is there any built-in way to do this on Windows? Processes were started with DOS command START up to the date.
By the way, the machine is a Windows 7 Ultimate Edition x64.
I know this isue is already discussed programatically in many questions (this collects many of them), but our requirements are bat scripts running on cmd, and any standalone executable that may help in our tasks, like nircmd, 7z, etc.
Clarification: we already have a scheduled task which starts the console elevated, and elevating the console is not the issue os this answer.
The built-in Windows way: START RUNAS ... allows you to run a process as limited user. Here's an example:
runas /trustlevel:0x20000 cmd.exe
Anyway, there are some internal differences between the execution permissions on a process executed that way and another started from the UI with UAC enabled (explorer.exe via normal user interaction, I mean, execution from file browser or from start menu).
On the process started via runas (right) we miss some permissions disabled:
On the process started via runas (right) Administrators have some permisions set over the process:
The Third-Party application way: we can achieve our goal using PSExec, a standalone executable we can find on PSTools from Windows Sysinternals. Here's an example:
psexec -l -d cmd.exe
I've looked very deep into the issue and I've noticed no difference in any of the running permissions or security flags.
From the Microsoft Technet blogs:
PsExec use the CreateRestrictedToken API to create a security context, called a token, that’s a stripped-down version of its own, removing administrative privileges and group membership. After generating a token that looks like one that Windows assigns to standard users Process Explorer calls CreateProcessAsUser to launch the target process with the new token.
These are the best conslussions I've managed to get after many hours of research; anyone who can provide further details will be welcome.
Really not my area of expertise, but would START RUNAS ... or perhaps AT fit the bill?

using git-posh or/and oh-my-posh with Command Prompt(cmd, not Powershell) inside windows terminal

Recently switched to new windows terminal, and after hours of searching on internet I was not able to find anything helpful, all what I want is to set up cmd inside new windows terminal to show git branches just like it's achievable for powershell.
eg like this
I have been very comfortable with cmd especially with its ability to use additional linux commands and don't wanna switch to powershell only because of nice displays of git branches. this is a source where everything is nicely explained for powershell, all I want is to do the same for CMD.
thanks in advance
In order to use Oh My Posh for shell-prompt customization from cmd.exe, the legacy Windows shell (citing from the docs (tab cmd)):
There's no out of the box support for Windows CMD when it comes to custom prompts. There is however a way to do it using Clink, which at the same time supercharges your cmd experience. Follow the installation instructions and make sure you select autostart.
As you later discovered, this issue on GitHub has background information on why native cmd.exe support isn't possible (even though Oh My Posh is generally shell-agnostic) and why third-party software is needed to make it work.
As for your comments re preferring cmd.exe:
I have been very comfortable with cmd
Migrating from the shell one is used to a new one is undoubtedly a painful transition, but well worth considering in this case:
While not without its quirks, PowerShell is vastly superior in just about every respect to cmd.exe, and enables you to do things you simply cannot do in cmd.exe
its ability to use additional linux commands
Linux (WSL) commands called from the Windows side are all mediated via executables (notably wsl.exe and bash.exe), which you can equally call from PowerShell.

Interoperability of PowerShell

I am distributing an installer and it will open and run a PowerShell script. The installer will be used by people who have Windows XP and up.
Am I guaranteed that this script will run/execute on all these versions of Windows? I'm looking for the similar Cross-Windows-Platform interoperability that Batch files provide.
I've heard of the error: "File cannot be loaded because the execution of scripts is disabled on this system" what can I do in this scenario? If a user has disabled scripts does that mean I will need to use a different language(maybe just Batch)?
The error you're quoting is due to the default execution policy of PowerShell when it's installed. The message indicates that PowerShell is installed,but by default it's very restricted about what scripts may run for security purposes.
See this article for more on the subject.
If you're going to use PowerShell in your installer, make it part of the system requirements for your software. I can't find anything that definitively says you can redistribute PowerShell with your application, but it's worth asking Microsoft about it.
PowerShell isn't "guaranteed" to be on any desktop OS older than Win7, but it is distributed via Microsoft Update and there's no compelling reason for users to not have it installed.
If you manage this environment, then make sure that powershell is installed on the XP workstations before deploying the script. There is also the option of configuring group policy for powershell to enable script execution and what type of scripts to allow, but that's outside the scope of this question.
If you don't go the group policy route, and instead want to just run the script directly, then in your installer, call powershell.exe directly and pass in the following parameters:
powershell.exe -executionpolicy bypass -file \\path\to\script
The script path doesn't have to be a unc path if it's local, that was just an example.
No, PowerShell scripts are not guaranteed to run on Windows XP or Windows Server 2003. Although PowerShell is available for these platforms, it's not installed by default.
No, PowerShell scripts may not work, because the PowerShell isn't pre-installed on Win XP/2003.
It is included in the Management Framework for XP/2003.
For me, I suggest to use the .bat instead.

Invoking windows batch file from Linux

I have an application running only on Windows and a batch file that launches it.
I want to invoke this batch file from Linux, meaning something like Linux batch will launch the windows batch with parameters and this in its turn run my application.
Can I do that? How?
You could install an ssh server in the windows box (Cygwin has one), then from linux do something like:
ssh user#windows-box c:/path/to/batch.cmd
and that should launch your application in the windows box.
The most direct way is probably to install an ssh server on the windows box. Cygwin includes an ssh server.
Depending on how precise your timing needs are, you might be able to have an "at" job on the windows box that runs periodically (every 5 minutes?) and runs if it sees that a particular file exists, deleting the file. Then you could use Samba/smbclient to create the file. You would need to turn on filesharing on the windows box for this to work.
If the windows box has a web server, you could write a CGI, and trigger it using wget or cURL.
Our build process currently goes the other way: a windows sever kicks off things on the Linux server using plink (part of PuTTY). You might be able to set something similar up.
This may cause a security issue. Our information security person did not allow me to invoke any programs directly.
The safer way is to set up server on Windows computer. This can be a web-server for example. And then invoke your process inside PHP/Perl/Python script.
Also look at winexe that allows you to execute windows commands/batch scripts without running ssh server.

How to admin a remote Windows Server with a command line interface?

When I was a Linux admin I could do anything from the SSH command line. Now, as a Windows admin, I have to deal with the Windows Remote Desktop graphical interface, which I found to be inefective (slow) and hard to automate tasks in it.
a) Can I connect to a Windows Server through SSH or any encrypted connection with command line interface?
b) If yes can I do ANY administrative task?
Examples:
create a new virtual folder in IIS
setup firewall ports
restart services
change user policies
start desktop applications
I know about the existence of Windows PowerShell 2.0 Remoting, but I don't know if it fullfills all conditions above
My conclusion so far: from Windows PowerShell can do MOST but not ALL administrative tasks. And I still don't know if Windows PowerShell 2.0 Remoting uses an encrypted connection.
PowerShell is what you're looking for. It is primarily targetted at system administration (although it's fanastic as a programmer's shell, too).
PowerShell v2 remoting is based on Windows Remote Management. See http://msdn.microsoft.com/en-us/library/aa384426(VS.85).aspx. It includes facilities for ecryption and authentication, as you'd expect.
PowerShell includes cmdlets that let you do a lot of everyday tasks. Microsoft server applications (IIS, Exchange, etc.) either have or are building PowerShell cmdlets to administer them. PowerShell's WMI support is excellent, giving you a lot of machine administration power. PowerShell can talk to .NET directly, which lets you go further than built-in facilities when needed. And writing C# for PowerShell to call works out cleanly, too.
You asked for a command line interface, but don't think that you're restricted to the ancient and crufty Windows Console subsystem. PowerShell v2 includes a new GUI interactive shell / script editor, with colorization and debugging. It's sweet.
You can also try http://sshwindows.sourceforge.net/
I don't have personal experience with it but it looks promising.
Did you consider Google? (looks like you edited your question. You now no longer ask if the example tasks can be achieved using PowerShell)
Powershell snap-in for IIS 7
Restart-Service
Group policies
etc...
Sorry for not answering your question. I was in a similar situation.
I gave up to do all tasks on the windows shell
Instead I do use the shell for some tasks, but I am also using rdesktop (through ssh) and I put icons for the most important gui admin tools on the windows quicklaunch.
I gave up making windows feel like unix because it never will.
alternatively try to download and install eurysco to use the following features that is based on another logic...
1.create a new virtual folder in IIS (from eurysco commandline to launch vbs or powershell script)
2.setup firewall ports (from eurysco commandline to launch netsh.exe advfirewall)
3.restart services (from eurysco service control)
4.change user policies (from eurysco system registry or commandline to launch powershell script)
5.start desktop applications (from eurysco commandline to launch powershell script)
http://www.eurysco.com/features

Resources