PsExec and Windows 7

I like to use PsExec (v1.98) to execute batch files or install software on other PCs on the network when it comes in handy. With Windows XP it always worked flawlessly. Yesterday it was supposed to be the same with Windows 7. Nothing worked.

When trying to start a file on the remote machine, I got the following error message:

Connecting to <IP of the Windows 7 machine>...
Couldn't access <IP of the Windows 7 machine>:
Access denied

All searching in forums, usage of the -h parameters etc. did not change the above behaviour. Today I recreated the situation at home and found the solution after reading some docs.

The user in whose context PsExec is executed on the remote machine has to be administrator or more exactly has to be a member of the administrator’s group. That is what the PsExec documentation is saying. And that is exactly what cannot work. For PsExec to execute a command on the remote machine it has to copy a file called “PSEXESVC.EXE” into the Windows-directory on the remote machine (e.g. into “C:\Windows\PSEXESVC.EXE”). This works only if the user given, when PsExec is called, has access to the Admin$-share on the remote machine. And only the user “Administrator” itself has this right.

In the next part the machine, on which PsExec is executed, is called “A”. A runs Windows XP. The machine, which is supposed to execute a command by remote access, is called “B”. B runs Windows 7. As far as I know, PsExec does not work with the Home-versions of Windows 7.

Preparations on B: by default the user “Administrator” is inactive on Windows Vista/7. It has to be activated first and a password assigned. Procedure: Start -> Accessories -> right click on “Command Prompt” and select “Run as administrator”. Run the following command in the terminal window:

net user Administrator /active:yes

Afterwards the message “The command completed successfully.” should appear. If it fails the “Command Prompt” was not ran as administrator. Next open the control panel, go to “User Accounts”, select the Administrator and assign a password.

To test the correct configuration open a “Command Prompt” on A and execute the following commands one after another:

net use \\<IP of B>\Admin$ /user:Administrator
dir \\<IP of B>\Admin$
net use \\<IP of B>\Admin$ /delete

After the first command you are required to enter the Administrator’s password which you previously assigned. If those commands worked (the dir-command should display the content of C:\Windows on B) PsExec will work too.

Test with PsExec on A:

psexec \\<IP of B> -u Administrator -p <password> "C:\Windows\explorer.exe"

If there are any other problems – especially with the Admin$-share – the following two articles could be helpful:

Dieser Post ist auch verf├╝gbar auf: German

This entry was posted in Allgemein. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *