Menu
So we are using PsExec a lot in our automations to install virtual machines, as we can't use ps remote sessions with our windows 2003 machines. Everything works great and there are no Problems, but PsExec keeps throwing errors, even every command is being carried out without correctly. For example:
D:\tools\pstools\psexec.exe $guestIP -u $global:default_user -p $global:default_pwd -d -i C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -command "Enable-PSRemoting -Force"
Enables the PsRemoting on the guest, but also throws this error message:
psexec.exe :
Bei D:\Scripts\VMware\VMware_Module5.ps1:489 Zeichen:29
+ D:\tools\pstools\psexec.exe <<<< $guestIP -u $global:default_user -p $global:default_pwd -d -i C:\Windows\System32\WindowsPowerShell\
v1.0\powershell.exe -command "Enable-PSRemoting -Force"
+ CategoryInfo : NotSpecified: (:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
PsExec v1.98 - Execute processes remotely
Copyright (C) 2001-2010 Mark Russinovich
Sysinternals - www.sysinternals.com
Connecting to 172.17.23.95...Starting PsExec service on 172.17.23.95...Connecting with PsExec service on 172.17.23.95...Starting C:\Windows\
System32\WindowsPowerShell\v1.0\powershell.exe on 172.17.23.95...
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe started on 172.17.23.95 with process ID 2600.
These kinds of error messages apear ALWAYS no matter how i use psexec, like with quotes, with vriables/fixed values, other flags, etc. Does anybody has an idea how i could fix this? It is not a real problem, but it makes finding errors a pain in the ass, because the "errors" are everywhere. Disabling the error messages of psexec at all would also help...
798
PsExec is a free Microsoft tool that can be used to execute a program on another computer. It is used by IT administrators and attackers.
PsExec has simple requirements; File and Printer Sharing enabled and the admin$ administrative share available. You could go to all of the remote computers, open up the Windows Firewall applet, go to Allowed Apps and enable File and Printer Sharing on all computers as you see below.
It is clearly not safe to use PsExec's "-u" option on an untrusted remote host. On the other hand, using PsExec without "-u" and therefore authenticating as the currently logged-on user is much safer and does not expose the account to theft of password hashes, the Kerberos TGT, or the plain-text password itself.
PsExec is a light-weight telnet-replacement that lets you execute processes on other systems, complete with full interactivity for console applications, without having to manually install client software.
This is because PowerShell sometimes reports a NativeCommandError when a process writes to STDERR. PsExec writes the infoline
PsExec v1.98 - Execute processes remotely
Copyright (C) 2001-2010 Mark Russinovich
Sysinternals - www.sysinternals.com
to STDERR which means it can cause this.
For more information, see these questions / answers:
103
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
