PSEXEC is a nifty free utility from Microsoft/Sysinternals that is part of a whole suite of free tools (“Sysinternals Suite”). While there are a ton of great tools there, I wanted to point out an issue with psexec that I just figured out and that has occasionally bugged me in the past.
PSEXEC is used to spawn processes on remote systems. To use it, download it from the standalone or suite links above and execute it from a DOS prompt. While it is very useful to open a command prompt on the remote machine:
psexec \\computername cmd
(note that this assumes your current username/password has rights on, or matches a login id for the remote system)
I prefer to use it to run processes like “reg” which can check the remote system’s registry for values and return the screen output for use in other commands.
The problem I’ve had in the past was passing arguments that contain spaces. For example:
psexec \\pc1 reg query HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server
If executed without “psexec” on a local machine, this will return the text output of all the values in that key (use “/s” to get all subkeys as well), but the “Server” gets left off when passed to the remote system. Enclosing the whole argument in quotes returns:
PsExec could not start reg query HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server on win
Enclosing just the arguments gets:
ERROR: Invalid Argument/Option - 'query HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server'.
Which is when I would go off and find another way. Fortunately I (finally) figured out I could enclose just that argument in quotes, which resolved the problem:
psexec \\pc1 reg query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server"
PsExec v1.98 - Execute processes remotely
Copyright (C) 2001-2010 Mark Russinovich
Sysinternals - www.sysinternals.com

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
    RCDependentServices    REG_MULTI_SZ    CertPropSvc\0SessionEnv
    NotificationTimeOut    REG_DWORD    0x0
    SnapshotMonitors    REG_SZ    1
    StartRCM    REG_DWORD    0x0
    TSAdvertise    REG_DWORD    0x0
    DeleteTempDirsOnExit    REG_DWORD    0x1
Now I have a quick way to pull the DeleteTempDirsOnExit value off my Terminal Servers even if PowerShell remoting isn’t enabled.
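The quoting rule and the DeleteTempDirsOnExit check above, as an added Python example (not part of the original post). It keeps each argument as its own list element so the key with the space is quoted automatically, then parses the reg output. The function names are hypothetical, the sample output is constructed from the output quoted above, and query_host assumes psexec is on PATH.

```python
import re
import subprocess

KEY = r"HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server"

def build_argv(host, key=KEY, value=None):
    """One list element per argument; the key stays whole despite its space."""
    argv = ["psexec", "\\\\" + host, "reg", "query", key]
    return argv + ["/v", value] if value else argv

def as_typed(argv):
    """Command line as it must be typed: Windows rules quote only the
    arguments that contain whitespace (the same rule subprocess applies)."""
    return subprocess.list2cmdline(argv)

_ROW = re.compile(r"^\s*(.+?)\s{2,}(REG_[A-Z_]+)\s*(.*)$")

def parse_reg_output(text):
    """Turn 'reg query' text into {value_name: (type, data)}; banner and
    key-name lines carry no REG_* type and are skipped."""
    values = {}
    for line in text.splitlines():
        m = _ROW.match(line.rstrip())
        if not m:
            continue
        name, rtype, data = m.groups()
        if rtype in ("REG_DWORD", "REG_QWORD"):
            data = int(data, 16)  # reg prints these as 0x...
        values[name] = (rtype, data)
    return values

def query_host(host, value=None):
    """Run the query (assumes psexec on PATH and rights on the remote host)."""
    out = subprocess.run(build_argv(host, value=value),
                         capture_output=True, text=True).stdout
    return parse_reg_output(out)

# Constructed sample: part of the output quoted in the post, one value per line.
SAMPLE = r"""PsExec v1.98 - Execute processes remotely
Copyright (C) 2001-2010 Mark Russinovich
Sysinternals - www.sysinternals.com

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
    RCDependentServices    REG_MULTI_SZ    CertPropSvc\0SessionEnv
    NotificationTimeOut    REG_DWORD    0x0
    DeleteTempDirsOnExit    REG_DWORD    0x1
"""

if __name__ == "__main__":
    print(as_typed(build_argv("pc1")))
    print(parse_reg_output(SAMPLE)["DeleteTempDirsOnExit"])
```

Passing value="DeleteTempDirsOnExit" adds reg's /v switch so only that value is returned.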
To turn on PowerShell remoting on a remote system, use:
psexec \\[computer name] -u [admin account name] -p [admin account password] -h -d powershell.exe "enable-psremoting -force"
TL;DR: To pass arguments with spaces when using psexec, enclose each argument in double quotes.