psexec inside visual studio - visual-studio

I've been trying to get psexec to run executables on remote machines from custom build tasks in visual studio. All of these commands work from the command line but running it from an application seems to be a problem. Some commands work, on other psexec hangs and consequently so do msbuild and visual studio 2005. I'm calling SharePoint's stsadm.exe in this case, but this problem occurs with a lot of programs, when running psexec from an application. There are lots of people having this problem, but there seems to be no solution, so my question is: Does anyone know a working alternative to psexec?

I've experienced 'hangs' when executing PSEXEC against a remote system, but I always attributed it to the security context in which the remote process was running under.
From PSEXEC help:
If you omit a username the remote
process runs in the same account from
which you execute PsExec, but because
the remote process is impersonating it
will not have access to network
resources on the remote system. When
you specify a username the remote
process executes in the account
specified, and will have access to any
network resources the account has
access to. Note that the password is
transmitted in clear text to the
remote system.
If your executing a process remotely, that then needs to access the database (stsadm.exe), then it could be failing trying to access the network resource, depending on how PSEXEC was executed. If thats the case, I'd imagine it would eventually time out and give some sort of resource unavailable message.
There are two things that generally done when executing deployment steps against a remote machine to prevent the behavior your describing:
Like rifferte mentioned, make sure all assets needed to
deploy are local to the remote
machine (copy files, etc) before
using PSEXEC to execute the script (*.bat, *.vbs, *.ps, etc) -
so that everything runs 'local' to
the remote machine.
Run PSEXEC using
a domain username/password when
executing it - note that this
information is passed in clear text
to the remote server.

There's always RCE.
RemCom is a small (10KB upx packed)
remoteshell / telnet replacement that
lets you execute processes on remote
windows systems, copy files on remote
systems, process there output and
stream it back. It allows execution of
remote shell commands directly with
full interactive console without
having to install any client software.
On local machines it is also able to
impersonate so can be used as a silent
replacement for Runas command.

You can try to have psexec call a bat program that executes what you need on the remote machine. I ran into this issue with installutil.exe. A simple bat file on the remote machine resolved it.
You should also share your experience on the sysinternals board. There may be something they can do in a future revision.

Related

Copy files from remote Windows machines with command-line, through RDP

Our team has ~80 Windows development machines, and activities of each developer are logged as text files on the local storage of those machines.
To analyze the logged activities, I want to gather all log files from those machines. Additionally, the log files are updated constantly, so It is desirable to gather files with the command-line from my machine.
I’ve searched and found some solutions, but all of those are not suitable for our situation:
We cannot use PsExec, because tcp/135 and tcp/445 are both closed (countermeasure for WannaCry).
Administrative share is disabled.
telnet service is not up and is banned by security reasons.
WinRM is disabled on those machines by default.
It is difficult to install new software like OpenSSH on those machines (because of the rule of this project)
RDP is the only way to connect those machines. (I have an account on all machines)
How can I copy files from remote Windows machines with command-line through RDP?
Or, at least, is there any way to execute a command on remote Windows machines with command-line through RDP?
I think you can do this, though it is very hacky :)
For a basic setup, which just copies files once, what you would need to do is
Run a script in the remote session when it logs in. I can think of three ways to do this:
Use the "Alternate Shell" RDP file property. This runs a specified program in place of explorer.exe on login; you can use it to run "cmd.exe /c [your script]" for instance.
If that doesn't work (e.g. the remote machine doesn't respect it), you might be able to use a scheduled task that runs the script on login, but perhaps only for a specified user, or maybe the script could check the WinStation type to make sure this is actually an RDP connection before doing anything.
It's also possible to do this by connecting in RemoteApp mode and using the script as your "application", but that only works for Server and Enterprise editions of Windows.
Enable either drive redirection or clipboard redirection on the RDP connection, to give you a way to get data out.
Drive redirection is much simpler to script; you just have the remote script copy files to e.g. "\\tsclient\C\logs".
Clipboard redirection is theoretically possible - you have the remote script copy, then a local script paste - but would probably be a pain to get working in practice. I'm only mentioning it in case drive redirection isn't available for some reason.
You would probably want to script to then log the session off afterward.
You could then launch that from command-line by running "mstsc.exe [your RDP file]". The RDP files could be programmatically generated if needed (given you're working with 80 machines).
If you want a persistent connection you can execute commands over, that's more complicated, but still technically possible. Two ways I can think of:
Use the previous method to run a program on logon, but this time create a custom application that receives commands using a transport that isn't blocked and executes them in the session. I've done this with WCF over HTTP, for instance; it's not secure, of course.
Develop and install a service on the remote machine that opens an RDP virtual channel, and a corresponding RDP client plugin that communicates with it. You can then do whatever you want across the connection. While this solution would be the most likely to work, it's also the most heavyweight and time-consuming to implement so it's probably a last resort.

Starting a .EXE in multiple windows sessions

I have a need for starting an .exe program in multiple windows sessions (15) on the same server, whenever the server reboots.
I had a code that used to do that at start-up, but we lost that.
The exe file collects data from a bunch of servers. It needs to be run in multiple windows sessions--I think this way the process works in parallel.
Does anyone know a way to achieve this?
PsExec is a tool primarily used for running code on other servers, but can be pointed at the local machine too. The -i option can specify a session:
Run the program so that it interacts with the desktop of the specified
session on the remote system. If no session is specified the process runs in the console session.

Why do WSH JScript child processes fail when script is launched remotely?

On a Windows Server 2012 R2 standard machine (AWS EC2 instance) I am using PsExec to start a process on a similar remote computer, supplying user credentials. The process fails in various ways that make me suspect permissions: two AWS CLI commands fail with codes 255 (ses sendemail) or 2 (s3 cp) and Excel refuses to save a file, complaining that there is no disk space.
If I log on to the second machine using the same credentials and run the same .bat file to start the process, it all runs as expected. The process is a WSH JScript and runs invisibly under cscript.exe with its ouput redirected to a file.
I ran a SET command via both methods to see whether the environments were different. There were four differences, none of which seem relevant:
local run has CLIENTNAME=COMPAQ, remote does not have that variable
local has SESSIONNAME variable (from running via mstsc), remote does not
TEMP and TMP have extra subdirectory \3 appended on local but not remote. Both versions end with directories which show as read-only in explorer.
local PATH includes C:\USERS\username\.dnx\bin but remote has %USERPROFILE% instead of username. There is no such directory in either case.
Today I tried process monitor (thanks #GamerJ5 for the suggestion) and saved all the Excel events from a successful local run and a failed remote-start run. Filtering out SUCCESS still left a few thousand results in each case, with no obvious clue as to which of the many failures might be important.
Can anyone suggest what types of request / result might be worth further investigation, or anything else I can look at?
In case it helps anyone else: it turns out that there was a red herring in the question; the failures of the two AWS commands were indirect consequences of the Excel failure. That was a consequence of ignoring Microsoft's "Don't run Office on a server" advice (https://support.microsoft.com/en-us/kb/257757), but a suggested work-around that I found on another post (Microsoft Excel cannot access the file "...". There are several possible reasons Windows Server 2008 R2 with Microsoft Office 2010) worked in this case: create the directory that Excel expects to find at Windows\System32\config\systemprofile\Desktop.

Windows start application on remote host

currently I am writing a deployscript for our build system.
I have an ec2 machine that i want to push my installer to, install the program and then run the program (exe). The program is in fact a server that should run forever. I already tried doing this with Powershell Remoting, this is not satisfying because a permanent connection is needed (if the powershell remote session disconnects, the process terminates).
Now I am looking into Invoke-WMIObject, is this really the best way to go, or am I missing something obvious?
Requirement is that the whole build process can be run from a powershell script (which is executed by our build server).
The server is running windows 2008 Server R2
kind regards
You could run your server program as a Windows Service - just wrap it with one of available free service wrapper utilities like nssm. You can use PSRemoting to recreate and start the service on the remote server each build by running Stop-Service, & nssm remove, & nssm install and Start-Service.
Alternatively (though probably not so easily managed in your build), you could remotely create and run a task in Task Scheduler with Scheduled Tasks Cmdlets.
You can use PsExec from SysInternals, but that's a standalone utility. However, you can still embed the logic in your PS script. If you are still in need of WMI, then you might wanna check this. It includes snippets of VB scripts and a detailed explanation of what to do.

How to ask a remote windows machine to automatically launch an application?

I have a windows server 2003 up in the internet.
But sometime I need to restart it.
After restart, I want one of the applications to run.
I want to do this all programatically.
I can now remotely restart the server.
But the question is how can I ask that piece of software to be executed (more precisely, I want to execute a .BAT file to ask a tomcat to run)?
Because I don't want to manually log in to the machine and start that application. That is time consuming. Is there any possible way, once the machine is started, my application will be run as well?
If you're developing an application that should always be running on the server, you probably need to implement it as a Windows service. For C#, see the classes in the System.ServiceProcess namespace -- you will need to inherit from ServiceBase.
Alternatively, you can set the program to be run as a scheduled task on boot. See the Task Scheduler API to do this.
You can install Cygwin and then do it the same way we'd do it on a Linux box: via ssh, using keys.
OpenSSH is not part of the default Cygwin install, so be sure to select it. It's in the Net category.
Then, after you've installed Cygwin and sshd, read /usr/share/doc/Cygwin/openssh.README to learn how to set up sshd as a service, so it will answer requests automatically, without you having to start the ssh daemon manually.
Finally, set up keys, as described in the link above.
Part of the ssh protocol is a way to ask a remote machine to launch a program. Setting it up with keys lets you do it without needing a password.
You could try xCmd, which is a freeware app to run a command on a remote machine.

Resources