executing remote psexec while logged on as SYSTEM - windows

Step 1). Log into a local Windows XP (SP3) machine as the SYSTEM account
Step 2). Execute a psexec test as follows against a remote XP (SP3) machine
psexec \\nnn.nnn.nnn.nnn ipconfig /all
RESULT:
Couldn't access nnn.nnn.nnn.nnn
Access is denied.
Question: Why?
I am logged on as the Windows SYSTEM user; the SYSTEM user is all-powerful.
I should be able to do anything, with no access restrictions at all.
This doesn't work either:
psexec \\nnn.nnn.nnn.nnn -s ipconfig /all
Why doesn't being logged onto a local XP machine as SYSTEM give me the power to run
anything on a remote machine?

The SYSTEM account is all-powerful when it comes to the local system, but not on remote systems. Use -u to specify a username...

Related

RDP and run command on remote windows machine using command line

I have gone through various links on SO regarding RDP to a Windows machine but still can't understand how to execute, as a test, the ipconfig command on the remote machine and gather the results in a text file.
I can't get beyond mstsc, which creates the GUI and asks for a password and username.

psexec fails against windows 10 remote target

Does psexec work against Windows 10 remote hosts? I'm running psexec from a Windows 7 machine. When the remote host is Windows 8.1, it works; when the remote host is Windows 10, it fails as below:
C:\Windows 7>psexec -h -u Admin -p passwordHere -n 280 \\xxx.xx.xxx.xxx ipconfig
PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
Could not start PSEXESVC service on xxx.xxx.xxx.xxx:
The remote procedure call failed and did not execute.
Any clues appreciated.
Found this on a Microsoft forum, worked for me.
Open regedit from start. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Add REG_DWORD (32 bit) LocalAccountTokenFilterPolicy and set value to 1.
You must run psexec on the remote machine and accept the end-user agreement (EUA) before running psexec remotely.
This can also be done by adding '-accepteula' switch to your command or by editing the remote machine's registry (less recommended).
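
An added example (not from the original posts): a PowerShell check to run on a host to see whether LocalAccountTokenFilterPolicy has been set to 1, which turns off remote UAC token filtering for local administrator accounts, and whether the PSEXESVC service named in the error above has been installed. The function names are hypothetical, and it assumes an elevated session on Windows Vista or later with PowerShell 3.0+, where service installations are logged as event ID 7045 in the System log.

```powershell
# Added example: audit the local host for the registry setting and the
# PsExec service traces discussed above. Function names are hypothetical.
$policyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-RemoteUacFilterState {
    # Absent or 0: local administrator accounts receive a filtered
    # (non-elevated) token on network logons. 1: filtering is turned off.
    $prop = Get-ItemProperty -Path $policyKey -Name 'LocalAccountTokenFilterPolicy' `
                             -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return 'NotSet (remote token filtering active)' }
    if ($prop.LocalAccountTokenFilterPolicy -eq 1) {
        return 'Set to 1 (local admins get a full token over the network)'
    }
    return "Set to $($prop.LocalAccountTokenFilterPolicy) (remote token filtering active)"
}

function Get-PsExecServiceTrace {
    # PSEXESVC is the service name from the error message above; a service
    # installed under a different name would not match this filter.
    $svc = Get-Service -Name 'PSEXESVC' -ErrorAction SilentlyContinue
    $status = $null
    if ($svc) { $status = $svc.Status }

    # Event 7045 (Service Control Manager): "A service was installed in the system".
    # Properties: [0] service name, [1] image path, [4] account name.
    $installs = Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 7045 } `
                             -ErrorAction SilentlyContinue |
        Where-Object { $_.Properties[0].Value -like 'PSEXESVC*' } |
        Select-Object -First 10 TimeCreated,
            @{ n = 'Service';   e = { $_.Properties[0].Value } },
            @{ n = 'ImagePath'; e = { $_.Properties[1].Value } },
            @{ n = 'Account';   e = { $_.Properties[4].Value } }

    [pscustomobject]@{
        ServicePresent = [bool]$svc
        ServiceStatus  = $status
        InstallEvents  = @($installs)
    }
}

$trace = Get-PsExecServiceTrace
[pscustomobject]@{
    Computer        = $env:COMPUTERNAME
    RemoteUacFilter = Get-RemoteUacFilterState
    ServicePresent  = $trace.ServicePresent
    ServiceStatus   = $trace.ServiceStatus
    InstallCount    = $trace.InstallEvents.Count
} | Format-List
$trace.InstallEvents | Format-Table -AutoSize
```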

Windows 7 session 0 file access

I am trying to start an application as a Windows service, and that application is designed to modify files and uses a network connection too. I have an Administrator account, called 'admin', which cannot see local drives, nor network ones. I have tested the following command with PsExec as the 'admin' user in session 0:
fsutil fsinfo drives
The output listed all the drives, but I cannot use them at all. Even the basic 'mkdir' and 'cd' commands do not work, because the commands cannot be found.
The who am I command executed too:
whoami /all
There is no entry for using drives. Could you tell me what settings are necessary to use the network and local drives in session 0 with 'admin' account?

Windows: running a process on a remote machine

How can I launch a program on a remote Windows machine, so that it uses the remote machine's processor and RAM?
Details:
I have mapped another computer's folder to a local drive. In this folder I want to launch an exe via a Windows batch file so that it uses the remote computer's resources and not the local ones.
Use Sysinternals (now on Microsoft) PsExec.
http://technet.microsoft.com/en-us/sysinternals/bb897553
As far as I know, you can't launch an exe on a remote machine unless you are logged into that remote machine in some way, either by Remote Desktop Connection or through some shell.

Interactive command prompt as NETWORK SERVICE

How do I open an interactive application, such as cmd.exe or Windows Explorer, running as NETWORK SERVICE? There are ways to do it for the SYSTEM account, but NETWORK SERVICE is proving to be a challenge. I need this to work on Windows 7, but would be interested in solutions for other Windows versions as well.
Have you tried PsExec? A couple of interesting links with more information:
http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
https://social.technet.microsoft.com/Forums/en-US/381df759-af7f-4523-a2fd-b17e8c68db9e/how-to-start-cmdexe-as-network-service?forum=pstools
Here is how you would use PsExec to run cmd.exe under "NETWORK SERVICE" user context:
psexec -i -u "nt authority\network service" cmd.exe
