How to admin a remote Windows Server with a command line interface? - windows

When I was a Linux admin I could do anything from the SSH command line. Now, as a Windows admin, I have to deal with the Windows Remote Desktop graphical interface, which I found to be inefective (slow) and hard to automate tasks in it.
a) Can I connect to a Windows Server through SSH or any encrypted connection with command line interface?
b) If yes can I do ANY administrative task?
Examples:
create a new virtual folder in IIS
setup firewall ports
restart services
change user policies
start desktop applications
I know about the existence of Windows PowerShell 2.0 Remoting, but I don't know if it fullfills all conditions above
My conclusion so far: from Windows PowerShell can do MOST but not ALL administrative tasks. And I still don't know if Windows PowerShell 2.0 Remoting uses an encrypted connection.

PowerShell is what you're looking for. It is primarily targetted at system administration (although it's fanastic as a programmer's shell, too).
PowerShell v2 remoting is based on Windows Remote Management. See http://msdn.microsoft.com/en-us/library/aa384426(VS.85).aspx. It includes facilities for ecryption and authentication, as you'd expect.
PowerShell includes cmdlets that let you do a lot of everyday tasks. Microsoft server applications (IIS, Exchange, etc.) either have or are building PowerShell cmdlets to administer them. PowerShell's WMI support is excellent, giving you a lot of machine administration power. PowerShell can talk to .NET directly, which lets you go further than built-in facilities when needed. And writing C# for PowerShell to call works out cleanly, too.
You asked for a command line interface, but don't think that you're restricted to the ancient and crufty Windows Console subsystem. PowerShell v2 includes a new GUI interactive shell / script editor, with colorization and debugging. It's sweet.

You can also try http://sshwindows.sourceforge.net/
I don't have personal experience with it but it looks promising.

Did you consider Google? (looks like you edited your question. You now no longer ask if the example tasks can be achieved using PowerShell)
Powershell snap-in for IIS 7
Restart-Service
Group policies
etc...

Sorry for not answering your question. I was in a similar situation.
I gave up to do all tasks on the windows shell
Instead I do use the shell for some tasks, but I am also using rdesktop (through ssh) and I put icons for the most important gui admin tools on the windows quicklaunch.
I gave up making windows feel like unix because it never will.

alternatively try to download and install eurysco to use the following features that is based on another logic...
1.create a new virtual folder in IIS (from eurysco commandline to launch vbs or powershell script)
2.setup firewall ports (from eurysco commandline to launch netsh.exe advfirewall)
3.restart services (from eurysco service control)
4.change user policies (from eurysco system registry or commandline to launch powershell script)
5.start desktop applications (from eurysco commandline to launch powershell script)
http://www.eurysco.com/features

Related

From a batch script, how to call explorer.exe to launch an exe with command line arguments [duplicate]

I have an elevated console running some bat files. Having this console running in elevated mode is mandatory for it to be able to perform some tasks like managing network shares, etc without asking for permissions. But sometimes the scripts also have to launch some applications which are not desired to run elevated. So we want our elevated bats to start come application in non-elevated mode. Is there any built-in way to do this on Windows? Processes were started with DOS command START up to the date.
By the way, the machine is a Windows 7 Ultimate Edition x64.
I know this isue is already discussed programatically in many questions (this collects many of them), but our requirements are bat scripts running on cmd, and any standalone executable that may help in our tasks, like nircmd, 7z, etc.
Clarification: we already have a scheduled task which starts the console elevated, and elevating the console is not the issue os this answer.
The built-in Windows way: START RUNAS ... allows you to run a process as limited user. Here's an example:
runas /trustlevel:0x20000 cmd.exe
Anyway, there are some internal differences between the execution permissions on a process executed that way and another started from the UI with UAC enabled (explorer.exe via normal user interaction, I mean, execution from file browser or from start menu).
On the process started via runas (right) we miss some permissions disabled:
On the process started via runas (right) Administrators have some permisions set over the process:
The Third-Party application way: we can achieve our goal using PSExec, a standalone executable we can find on PSTools from Windows Sysinternals. Here's an example:
psexec -l -d cmd.exe
I've looked very deep into the issue and I've noticed no difference in any of the running permissions or security flags.
From the Microsoft Technet blogs:
PsExec use the CreateRestrictedToken API to create a security context, called a token, that’s a stripped-down version of its own, removing administrative privileges and group membership. After generating a token that looks like one that Windows assigns to standard users Process Explorer calls CreateProcessAsUser to launch the target process with the new token.
These are the best conslussions I've managed to get after many hours of research; anyone who can provide further details will be welcome.
Really not my area of expertise, but would START RUNAS ... or perhaps AT fit the bill?

I can't execute some commands in PowerShell

I'm using Windows 8.1, and I can't use some commands in PowerShell.
For example, commands about AD User (Get-ADUser, New-ADUser), or commands about certain Windows features (Get-WindoswFeature, Enable-WindoswFeature).
A lot of people use above commands, but I can't use them.
I don't know why it is. Please help me
The PowerShell modules for those commands are not installed on client operating systems by default. You have to install the Remote Server Administration Tools for your specific client OS to get the modules.

scripting languages native to windows for remote users support

I work for a application dev company but I am in the support side of it. I am looking to run scripts on to remote-host (logmein Rescue Technician Pro). Our clients all run windows machines and the oldest OS version we support is XP SP3 and the latest win8. I need a scripting language that is native to windows and doesn't require any download this or unzip that. These scripts are Powershell scripts but as we all know the executionpolicy needs to be set to unrestricted. I need a scripting language that automates mouse clicks and keystrokes like hitting enter on the keyboard or typing words into cmd/Powershell, then hitting enter for example. I am trying to run a script in another language to disable the excutionpolicy in Powershell and then start the powershell scripts from this point. I hope I have explained myself.
UPDATE:
I am bad at what I am trying to explain I guess. I need to run a script to disable ExecutionPolicy on remote users through LOGMEIN RESCUE TECHNICIAN. Logmein has a tab called "SCRIPTS" that automatically startup when you connect to the remote session. The problem is that PowerShell by default is set to executionpolicy restricted. That will not allow my scripts to run and I have to run them manually from my machine, I believe their is a way to just run the scripts and have them out put the results to me without having to pull up the remote users GUI, all the computers are their own independent machines and not on a domain. I need to run the scripts as unrestricted on the remote machine on initiation of the remote session. Thats why I having going around in circles trying to figure this out. I was able to disable powershell from the cmd but i need to hit enter, i need to script the enter key stroke but again i keep running into blocks just run my scripts. I'm annoyed by this now at this point.
You can run a powershell script like so:
powershell -executionpolicy unrestricted -file "C:\Myscript.ps1"
This will not change the global executionpolicy for the whole machine, but just to run that script.
Two options:
1.Stick with PowerShell. When you launch PowerShell, instead of launching from the shortcut, run the following command (either from a cmd prompt, or run command):
powershell.exe -ExecutionPolicy ByPass
This will run PowerShell with the execution mode set to ByPass.
2.Use the old way of scripting that works on all versions of Windows, VB scripts. (although, after using PowerShell, VB scripts are hard to go back to)
I'd honestly go with JScript (or VBScript, but JScript is a much nicer language IMHO), since you don't want to have to install anything on the remote machines. XP doesn't include PowerShell, so you'd have to install it at some point.
WSH (Windows Scripting Host) languages like VBScript and JScript, and PowerShell can all simulate mouse clicks and keystrokes, but if you want one script that will run on all of those platforms out-of-the-box, you'll need to stick with WSH languages.
If you have any control over what gets installed on the remote systems, though, go with PowerShell, or - at very least - make sure that the Windows Scripting Host components are up to date with the latest release available for the platform. I'm not sure whether that would come as part of the typical Windows Updates or not.
Just my $0.02.

Interoperability of PowerShell

I am distributing an installer and it will open and run a PowerShell script. The installer will be used by people who have Windows XP and up.
Am I guaranteed that this script will run/execute on all these versions of Windows? I'm looking for the similar Cross-Windows-Platform interoperability that Batch files provide.
I've heard of the error: "File cannot be loaded because the execution of scripts is disabled on this system" what can I do in this scenario? If a user has disabled scripts does that mean I will need to use a different language(maybe just Batch)?
The error you're quoting is due to the default execution policy of PowerShell when it's installed. The message indicates that PowerShell is installed,but by default it's very restricted about what scripts may run for security purposes.
See this article for more on the subject.
If you're going to use PowerShell in your installer, make it part of the system requirements for your software. I can't find anything that definitively says you can redistribute PowerShell with your application, but it's worth asking Microsoft about it.
PowerShell isn't "guaranteed" to be on any desktop OS older than Win7, but it is distributed via Microsoft Update and there's no compelling reason for users to not have it installed.
If you manage this environment, then make sure that powershell is installed on the XP workstations before deploying the script. There is also the option of configuring group policy for powershell to enable script execution and what type of scripts to allow, but that's outside the scope of this question.
If you don't go the group policy route, and instead want to just run the script directly, then in your installer, call powershell.exe directly and pass in the following parameters:
powershell.exe -executionpolicy bypass -file \\path\to\script
The script path doesn't have to be a unc path if it's local, that was just an example.
No, PowerShell scripts are not guaranteed to run on Windows XP or Windows Server 2003. Although PowerShell is available for these platforms, it's not installed by default.
No, PowerShell scripts may not work, because the PowerShell isn't pre-installed on Win XP/2003.
It is included in the Management Framework for XP/2003.
For me, I suggest to use the .bat instead.

Detect if Windows Service is running of remote machine [duplicate]

This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Check status of services that run in a remote computer using C#
Is it possible to check if a given windows service is running on a remote machine using C#?
This is assuming that I have the correct login credentials for that machine.
Try this:
sc \\<servername> query <servicename>
WMI, if you're using C# or VB.Net
Otherwise, "SC" is probably the best tool to use from a command line or .bat file.
psservice from pstools does just this.
PsService is a service viewer and controller for Windows. Like the SC
utility that's included in the Windows NT and Windows 2000 Resource
Kits, PsService displays the status, configuration, and dependencies
of a service, and allows you to start, stop, pause, resume and restart
them. Unlike the SC utility, PsService enables you to logon to a
remote system using a different account, for cases when the account
from which you run it doesn't have required permissions on the remote
system. PsService includes a unique service-search capability, which
identifies active instances of a service on your network. You would
use the search feature if you wanted to locate systems running DHCP
servers, for instance.

Resources