I am using psexec to start an executable in a remote system. The remote system is 64 bit while the exe pushed using psexec is 32 bit.
While running "psexec", I am providing the admin credentials of the remote system and the remote process is created using those credentials itself.
The 32 bit exe , when run on the remote system , does some operations and then spawns another executable using ShellExecute.
I am finding that on windows 7 , ShellExecute returns error code 5 (i.e. SE_ERR_ACCESSDENIED). The entire process runs fine and ShellExecute succeeds when the target machine is XP.
Any ideas or workaround for the same? I tried initializing COM , but with no benefits.
Please let me know if any further details/code is required.
I figured out the problem , actually ShellExecute was trying to execute the program which was in a share location. My guess is it was not able to access the share thus giving access denied. I used CreateProcess() instead and made sure that the share connection is made before trying to execute the process. This worked!
Related
I have a need for starting an .exe program in multiple windows sessions (15) on the same server, whenever the server reboots.
I had a code that used to do that at start-up, but we lost that.
The exe file collects data from a bunch of servers. It needs to be run in multiple windows sessions--I think this way the process works in parallel.
Does anyone know a way to achieve this?
PsExec is a tool primarily used for running code on other servers, but can be pointed at the local machine too. The -i option can specify a session:
Run the program so that it interacts with the desktop of the specified
session on the remote system. If no session is specified the process runs in the console session.
I am using psexec to run a remote script which does some UI operations on the print objects present in the remote system. To be specific , the API used is SHInvokePrinterCommand() to invoke printer properties of a printer object.
The entire thing works fine when executed with a user logged in(and thus a visible desktop) on windows 7. But when no user is logged in , the procedure is failing to work, the API(SHInvokePrinterCommand) returns successfully but it doesn't seem to do any work. WINDOWS XP under the similar conditions, WORKS FINE.
The observation made me believe that it has something to do with the session and "Window station" architecture that varies within these operating systems.
With some coding in the remote process , I was able to establish that the remote process is started in a non-zero session (session 2) by psexec and the only window station it is attached to is "WinSta0".(I used EnumWindowStations() for that). WinSta0 is the only windows station which receives input from KeyBoard , mouse etc.
With this much observation , I fail to understand what makes the entire thing not work in case of windows 7, with no on logged in. Basically the properties page of printer is not actually getting invoked in this case.
Does the session , that psexec forms , for executing the remote process ,in some way not a "complete" session? Any way to fix this problem?
Any ideas or suggestion are most welcome.
Several things come to mind, mostly related to increased security in Windows Vista & above.
SHInvokePrinterCommand is deprecated in Vista & above.
PSExec runs the script in a service, which in Vista & above no longer have desktop access.
When there's no logged in user, HKEY_CURRENT_USER doesn't exist, and any attempts to read from it will fail.
There are some questions regarding this topic, but thought I'd ask my about my unique situation...
Background - We are attempting to execute a QTP script via Jenkins. Now, Jenkins is running on a Windows Server, on which we are having some QTP install issues (that topic is for another thread...). As a workaround, I am trying to execute a simple AOM VBScript invoking QTP on a remote client machine (running Windows XP) and execute the test on that machine...
Setup - Just for initial proof-of-concepts, a .VBS file located on a Windows 7 box (the "calling box") has the following command:
Set qtpApp = CreateObject("QuickTest.Application","WinXPMachineName")
Problem - I am getting the following error on the calling box:
ActiveX component can't create object: 'QuickTest.Application'
I have followed the instructions to set up QTP for remote execution on the Windows XP machine. Note that QTP isn't installed on the Window 7 box .
QuickTest Pro must be installed on the local machine (in your case, your Windows 7 computer) even though you'll ultimately launch QTP elsewhere. This is because Set qtApp = CreateObject("QuickTest.Application", "MyServer") summons the local installation of QTP to open. Once the local QTP is open, it should communicate with the remote server and instruct the remote server to begin the test cases.
So, yes, you will need QTP installed on the local machine. (This is not troublesome if you have concurrent aka 'floating' licenses. If you have the seat licenses, that means they are paying for each individual computer that QTP is installed on. If that's the case, I don't know what to recommend.)
An alternate method:
I've been wrestling with remotely-launching QTP test scripts, particularly by launching them through the Windows Task Scheduler (That way, you wouldn't need QTP on the local machine, only on the remote machine). Here are a few questions I've had that hopeful might blaze a trail:
How can I run a QTP test from the command line?
Remotely managing Scheduled Tasks on another computer: Access
Denied
Unable to remotely schedule tasks from the command line
I was using another automation tool than QTP but I faced the same issue.
I was told I had to have the software "QAWP" installed in both machines to be able to run it remotely, but my company was reluctant on buying a second license for just this and wanted another solution 'Cheaper one'. So:
In the test machine have a batch file that executes your tests.
Add a scheduled tasks in windows that calls your batch file.
from any other machine you can start the scheduled tasks using the command:
schtasks /run /s /tn
both launch and remote machines have to be in the same domain and logged in as the same user that you gave access in the DCOM settings
turn off firewall if possible or add qtp to the exceptions
works perfectly for me
Can anyone tell if Set qtApp = CreateObject("QuickTest.Application", "MyServer") works if working with QTP trail version?
I have QTP trail version on two Win7 64bit machine.
When I use the above code to start QTP on my remote machine form vbscript then it works.
But when i try executing it from QTP it fails.
I have the right DCOM settings and all administrative privileges on both machines and my QTP is also running as admin.
So does it only work when I have licence installed?
To add more info to whoever still looking for answer to invoke QTP/UFT in remote machines:
Using VBScript to invoke QTP/UFT tests in remote machine is old school approach. I would suggest you to use Jenkins. It has tons of advantages.
Check here for more details.
I have a puzzling situation with the Inno Setup FileExists function.
Here's the situation. I have three networked computers with like WORKGROUP names.
1) Windows 7 32-bit
2) Windows 7 64-bit
3) Window XP Service Pack 3
1) and 3) have been setup as servers with read-write shares, ex. ShareExe and ShareData
The problematic Inno Setup creates shortcuts to the executable in the ShareExe folder. It asks the user for the ComputerName of the server and then uses FileExists to verify correct input.
Running this setup on the XP (3) machine and specifying 1)'s computername works just fine, however when running the setup on the Win7 64-bit PC and specifying the same ComputerName as with XP, causes the FileExtsts test to fail.
Strangely, I can go to Network Places and open the ShareExe folder and successfully run the executable. My question is, "why does Inno FileExists fail only on the Win 7 64-bit machine?" I cannot find anything in the reference materials that suggest any version differences with FileExists. (I also tried FileSearch with the same results).
TIA
In Windows 7 (and Vista) with UAC enabled, by default network credentials and drive mappings are not shared between admin and non-admin contexts, even for the same user.
By default, Inno elevates to admin permissions (via PrivilegesRequired=admin), since most installations must (and should) be performed per-machine by an admin user. However this means that any credentials prompted for or saved by Explorer when browsing for the desktop are not available to it.
When files are accessed directly by APIs (as with FileExists), Windows will typically try to silently connect to the server using the same username/password as was used to log into the PC; if this fails then it just reports an error since it has no way to prompt for alternate credentials at that point. So if you can ensure that the login details on both PCs are the same, then it should work. (You usually get this for free on computers connected to a domain, but not a workgroup.)
If that isn't possible, then something else you could try would be to force the access via a shell dialog -- if the FileExists fails, then use GetOpenFileName to prompt the user to find a specific file in that folder, using the same initial path. I haven't tested this, but I think this should result in Windows displaying a credential prompt and then you should be ok after that.
(If this is for an internal app, then another option is to disable the separation of credentials [via a security policy setting] or UAC entirely, though the latter isn't really a good idea. Of course this isn't tolerable for a general-release app, and it's cleaner if you solve it one of the other ways anyway.)
I've been trying to get psexec to run executables on remote machines from custom build tasks in visual studio. All of these commands work from the command line but running it from an application seems to be a problem. Some commands work, on other psexec hangs and consequently so do msbuild and visual studio 2005. I'm calling SharePoint's stsadm.exe in this case, but this problem occurs with a lot of programs, when running psexec from an application. There are lots of people having this problem, but there seems to be no solution, so my question is: Does anyone know a working alternative to psexec?
I've experienced 'hangs' when executing PSEXEC against a remote system, but I always attributed it to the security context in which the remote process was running under.
From PSEXEC help:
If you omit a username the remote
process runs in the same account from
which you execute PsExec, but because
the remote process is impersonating it
will not have access to network
resources on the remote system. When
you specify a username the remote
process executes in the account
specified, and will have access to any
network resources the account has
access to. Note that the password is
transmitted in clear text to the
remote system.
If your executing a process remotely, that then needs to access the database (stsadm.exe), then it could be failing trying to access the network resource, depending on how PSEXEC was executed. If thats the case, I'd imagine it would eventually time out and give some sort of resource unavailable message.
There are two things that generally done when executing deployment steps against a remote machine to prevent the behavior your describing:
Like rifferte mentioned, make sure all assets needed to
deploy are local to the remote
machine (copy files, etc) before
using PSEXEC to execute the script (*.bat, *.vbs, *.ps, etc) -
so that everything runs 'local' to
the remote machine.
Run PSEXEC using
a domain username/password when
executing it - note that this
information is passed in clear text
to the remote server.
There's always RCE.
RemCom is a small (10KB upx packed)
remoteshell / telnet replacement that
lets you execute processes on remote
windows systems, copy files on remote
systems, process there output and
stream it back. It allows execution of
remote shell commands directly with
full interactive console without
having to install any client software.
On local machines it is also able to
impersonate so can be used as a silent
replacement for Runas command.
You can try to have psexec call a bat program that executes what you need on the remote machine. I ran into this issue with installutil.exe. A simple bat file on the remote machine resolved it.
You should also share your experience on the sysinternals board. There may be something they can do in a future revision.