Solved

WMI - how to set the software installation process visible on a remote computer using WMI

Posted on 2004-03-22
25
13,583 Views
Last Modified: 2009-07-29
Hi,

I am trying to install a 3rd party software (primalscripttrial.exe)  on the remote computer using the local admin previledges. Here is the working code that i have written

***** the connection to WMI is working fine, so I havent mentioned the code for that, because it includes the user credentials.

     patch = "C:\primalscripttrial.exe"
     
strexecute = mid(patch, instrRev((patch), "\")+1)
         

     Set objStartup = objSWbemServices.Get("Win32_ProcessStartup")
     Set objConfig = objStartup.SpawnInstance_
     objConfig.ShowWindow = 5


     Set oprocess = objSWbemServices.Get("Win32_Process")

errReturn = oprocess.Create(Mid(share,1,1) & ":\"& strexecute ,Mid(share,1,1) & ":\"& sTempDir,objConfig,lintprocessID)

 The errReturn returns  a value = 0, so my code works fine.
But when I go and see the desktop of the remote computer, there is no visible installation window shown.But if i open up the task manager, under processes i see the primalscripttrial.exe process running with 0% memory utilization.
I really would like to see the software installation process visible on the remote computer, Does anybody know how to set it up ?

Thanks,
kedar
0
Comment
Question by:godkedar
  • 8
  • 5
  • 4
  • +3
25 Comments
 
LVL 4

Accepted Solution

by:
xassets earned 168 total points
Comment Utility
Couple of ideas

1. Although you had permission to create the process, the process didn't have permission to the box.
2. I would not expect the process to show because its running in its own session under the system account
3. Theres another way if the boxes are all nt, 2000, xp, 2003...below
4. If your exe was on the network you need to create a null session share and give access to ANONYMOUS_LOGON in order for the system account to have the necessary privelages


at \\computername 10:20 /interactive myprogram myargs

or logon scripts of course, errrr maybe not.

Even with the "at" command, point 2. above might still be true.

Some lateral options might be remote desktop or maybe some kind of remote control software.

There's another way to do GetObject("Win32_Process") which might just move the goalposts enough to get it working.

            Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!" & _
                    "\\" & sComputer & _
                    "\root\cimv2:Win32_Process")

            lError = objWMIService.Create(sEXE & " " & sCommandLine, Null, Null, lProcess)

But this certainly won't be visible on the users screen.

My money would be on number 4 above!
0
 

Author Comment

by:godkedar
Comment Utility
Hi,

thanks for the quick reply.
I dont need to use ANONYMOUS_LOGON , because i am already using the logon credentials of the local administrator on the remote computer who has all the rights and previledges.

Is there any other setting that i am missing in the code ?

the process is still not visible on the remote computer.All the remote computers are on windows 2000 platform.
0
 
LVL 4

Expert Comment

by:xassets
Comment Utility
Is it sat there forever or does it end ? Maybe its raised a messagebox and is waiting for user input, but being in a remote session, it can't access the screen.

I'm not that familiar with using WMI to launch visible process on another box, in fact I thought it was impossible. You would need a way to somehow connect to another users session using WMI. On windows 2000 you could have many sessions (TS clients), how would it know which session to connect to ?

Hopefully another expert will come along who knows.
0
 
LVL 49

Assisted Solution

by:DanRollins
DanRollins earned 166 total points
Comment Utility
Have you seen the example here?
     http://msdn.microsoft.com/library/en-us/wmisdk/wmi/calling_a_provider_method.asp

The CoInitializeSecurity call might be the key.  What values are you using?

Obvious diagnostic:  Try to run Notepade.EXE on the other computrer.
0
 

Author Comment

by:godkedar
Comment Utility
i am using the VBscript to call WMI and install software on the remote computer. And I dont know how to set CoInitializeSecurity  value in VBscript for the WMI.

Thanks
0
 
LVL 49

Expert Comment

by:DanRollins
Comment Utility
hmmm... I was looking at the C++ sample by habit.

My guess is it could be related to the ConnectServer and security settings.  Please show that (changing the username and password of course).

Also, trye this:

s= "winmgmts:{impersonationLevel=impersonate}!" & _
                    "\\" & sComputer & _
                    "\root\cimv2:Win32_Process

Set objWMIService = GetObject(s)

and eyeball the string variable s to make sure there isn't an esy-to-spot error in it.

=-=-=-=-=-=-
Did you have nay success starting Notepad.Exe?

-- Dan
0
 
LVL 4

Expert Comment

by:xassets
Comment Utility
Hi Dan, that example seems to connect to the local machine. I changed it to a remote machine as follows
            Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!" & _
                    "\\" & sComputer & _
                    "\root\cimv2:Win32_Process")
and when I was a domain admin it created calc.exe but it was not visible to the screen, as I said above, wmi creates its own session and I don't know any way to connect to a particular session such as the main screen or a ts client. I would be really interested in finding a way to create processes which are visible to the end user.

However, using AT, I was able to make it appear on the desktop session of the remote machine

at \\computername 07:26 /interactive notepad.exe

0
 
LVL 49

Expert Comment

by:DanRollins
Comment Utility
In this This google groups thread...
     http://groups.google.com/groups?oe=UTF-8&th=d44fcc24420cd1a2&seekm=euLaw6CmDHA.1072%40TK2MSFTNGP09.phx.gbl

an Ms rep said, in part:
>> The remote process must be non-interactive and cannot access remote
resoyrces (like UNC paths)...

In this thd, the posters bemoan that this was a result of installing SP3

    http://groups.google.com/groups?oe=UTF-8&threadm=eKmnn%23gdCHA.1652%40tkmsftngp09&rnum=7

more confirmation:
     http://groups.google.com/groups?oe=UTF-8&threadm=eXmuSvUPBHA.1600%40tkmsftngp03&rnum=11

My search was:
     http://groups.google.com/groups?q=impersonationLevel+interactive+remote

Ergo, the answer is:  It is failing because it can't be done via WMI.

-- Dan
0
 
LVL 4

Expert Comment

by:xassets
Comment Utility
I think it may be possible outside of / with the assistance of wmi.

Given that you can run a process on that machine, albeit invisible cos its in another session, means you have control of the machines cpu

There must be a windows api way of connecting to the existing users session from that wmi process. Otherwise how does xp remote assistance work ? Theres a "Remote Assistance Automation Framework" which would allow the development of remote desktop type apps. Maybe theres something in there which allows the launching of the process. Sadly the documentation looks a bit thin and I think the development effort may not justify the askers needs.

0
 
LVL 4

Expert Comment

by:xassets
Comment Utility
Just trying to find out the background..

..if the process is going to be visible to the end user, you'd really want the user to invoke it. You don't want some patch management application jump out at you when you're in the middle of banging in some accounting report in excel.

So why not just get the user to launch the process ?

Theres other solutions, you could knock up a system tray vb program which is an activex exe which can be CreateObject 'ed from the remote console. That can shell the app in the users process. You could easily deploy that through WMI as discussed by adding it to the "Run" registry key/

0
 

Author Comment

by:godkedar
Comment Utility
Hello All,

Thanks for the information, and the confirmation that the process can not be launched as a visible one on the Remote laptop.
Just as a followup of the last comment added by xassets.

""""Theres other solutions, you could knock up a system tray vb program which is an activex exe which can be CreateObject 'ed from the remote console. That can shell the app in the users process. You could easily deploy that through WMI as discussed by adding it to the "Run" registry key/""""

How do i do this ? Do u have a snippet of code for this ?
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 10

Expert Comment

by:Kavar
Comment Utility
primalscripttrial REQUIRES a graphical window (I use the licensed ver and it rocks)

You will only be able to do what you are doing if a user is logged in during the time when you run the remote install
0
 

Author Comment

by:godkedar
Comment Utility
User is logged in ..still the same problems
0
 
LVL 4

Expert Comment

by:xassets
Comment Utility
Hi godkedar, I reckon you'd need a vb6 programmer, but here goes.

Create a vb project of type "Active X EXE" , lets say its called "Launcher"
Add a module and In Sub Main call the Windows API functions to make it sit in the system tray (or don't bother, just leave it as a windowless app)
Add a class called Invoke and give it a method such as RunProg, make the class publicly creatable
Program the RunProg method to take a command line argument
Public Sub Execute(sCommand as string)
    Shell sCommand
End Sub
Compile this and set it running on a test machine (which would be a client), and register it on your central machine

Write another VB program with the code

set obj=createobject("Launcher.Invoke", sComputerName)
obj.Execute "primalscriptthingy /options"

Write yet another VB program to deploy onto machines
(a) copy the exe (you could keep it on a share instead)
(b) Set a remote registry key to run your VB ActiveX EXE (the HKLM/Software/MS../W../Run)
(c) Once the machine has rebooted, your exe should be resident

Really this is all out of my head and you'll probably need to debug etc to get it working

Whats wrong with the "AT" command in my previous comment, with /interactive ? That will work I reckon and you don't get all this programming grief.

0
 
LVL 4

Expert Comment

by:xassets
Comment Utility
Hey before you go any further - would the remote launcher thing at sysinternals.com do the job ?

It sounds like a good alternative to WMI for launching stuff, but I've never used it and don't know if it can hook into the users session.

Kavar / Dan can you remember what its called?
0
 
LVL 10

Assisted Solution

by:Kavar
Kavar earned 166 total points
Comment Utility
no, I don't,  but try this

'****************Begin Script***************
CHECKSUM=123412

Dim UserName
Dim Password
Dim ServerFile
Dim WorkStationName
Dim Command
Dim ClientWindowsDir
Dim ClientScriptText
Dim ExeFile
Dim ExeSource

UserName="Your Domain\Your Username"
'i.e. "Spaceport\SpaceManSpiff"
WorkStationName="The Target Of your attack"
'i mean the machine you are remote executing on
ExeFile="The remote executable name"
'ie PrimalScriptTrial.exe
Password="Your Password"
'i.e. If you need an example of this, better not run this script

On Error Resume Next
Const HKEY_LOCAL_MACHINE = &H80000002
Set objRegProv = GetObject("winmgmts:!\\" & WorkStationName & "\root\default:StdRegProv")
strKefPath="SOFTWARE\Microsoft\Windows NT\CurrentVersion"
objRegProv.GetStringValue HKEY_LOCAL_MACHINE,strKefPath,CStr("PathName"),ClientWindowsDir
If ClientWindowsDir="" Then
      WScript.Echo "Could not Find Client Windows Directory, Cannot Continue"
      WScript.quit
End If
'quit if a error occured
IfErrOut("Accessing Remote Registry")

'create clientSideScript
Set fso=CreateObject("Scripting.Filesystemobject")
ClientScriptText="set wsh=createObject(" & Chr(34) & "wscript.shell" & Chr(34) & ")|wsh.run " & chr(34) & "c:\" & ExeFile & chr(34)  & "|"
set RemoteScript=fso.createtextfile("\\" & WorkStationName & "\c$\runit.vbs")
RemoteScript.write Replace(ClientScriptText,"|",vbcrlf)
RemeteScript.close
IfErrOut("Writing RemoteScript")

'copy any source files necessary
call fso.copyFile(ExeSource,"\\" & WorkStationName & "\c$\" & ExeFile)
IfErrOut("Copying Necessary Files")

Command=ClientWindowsDir & "\system32\cscript.exe c:\runit.vbs"
Result=RunScript(WorkStationName,Command,UserName,Password)
IfErrOut("Running Script Remotely")

FSO.DeleteFile("\\" & WorkStationName & "c$\" & ExeFile)
FSO.DeleteFile("\\" & WorkStationName & "c$\runit.vbs")
IfErrOut("Cleaning Up Temp Files")

Function RunScript(sServer,nCommand,nUsername,nPassword)
      On Error Resume Next
      Set Service = ConnectServer(sServer,nUsername,npassword)
      Set Proc= Service.Get("Win32_Process")
      Dim PID
      result=Proc.create(nCommand,Null,Null,Pid)

Select Case result
      Case 0
            Message="Successful completion "
      Case 2
            Message="Access denied"
      Case 3
            Message="Insufficient privilege"
      Case 8
            Message="Not enough storage is available to process this command"
      Case 9
            Message="Path not found"
      Case 21
            Message="Invalid parameter"
      Case else
            Message="Unknown error"
End Select
RunScript=Message
End Function

Function ConnectServer(sServer,sUser,sPassword)
On Error Resume next
  Set objLocator = CreateObject("WbemScripting.SWbemLocator")
  'Connect to the namespace which is either local or remote
  Set objService = objLocator.ConnectServer (sServer,"root\cimv2", sUser, sPassword)
  'ObjService.Security_.impersonationlevel = 3
 
  Select Case Err.Number
      Case -2147024891
            WScript.Echo "Access is Denied"
            Err.clear
            RunScript=-2
            Exit Function      
      Case -2147217405
            WScript.Echo "Insufficient Privileges on " & Server
            Err.Clear
            RunScript=-2
            Exit Function
      Case -2147217394
            WScript.Echo "Invalid Namespace"
            Err.clear
            RunScript=-1
            Exit function
      Case 0
            Set ConnectServer=objService
      Case Else
            WScript.Echo Err.Number & ":" & Err.Description
            wscript.echo sServer & sUser & sPassword
End Select

End Function
 

Function IfErrOut(WhatText)
If Err.Number Then
      WScript.echo WhatText & Vbcrlf & "Err: " & Err.Number & ":" & Err.Description
      WScript.quit
End If
End Function
'******************End Script*******************
0
 
LVL 4

Expert Comment

by:xassets
Comment Utility
Its called psexec, came to me as soon as I opened a beer.

The above looks good, but how will it connect to the desktop session ?
0
 
LVL 10

Expert Comment

by:Kavar
Comment Utility
I am not sure why, but I thought I would give it a try, when I did this here (using primalscripttrial30.exe) it worked.... I guess cscript/wscript is able to grab a interactive session if one is open ... (a user still needs to be logged in)
0
 
LVL 49

Expert Comment

by:DanRollins
Comment Utility
recommendation:  A 3-way split xassets, Kavar, and DanRollins
0
 
LVL 8

Expert Comment

by:plq
Comment Utility
the xassets account is no longer used.
0
 
LVL 49

Expert Comment

by:DanRollins
Comment Utility
That does not exclude xassets from getting points if he earned them :)
0
 
LVL 20

Expert Comment

by:Venabili
Comment Utility
>>the xassets account is no longer used.

He had used it when he had made these comments here :) So he can get the points if he had answered.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

A short article about problems I had with the new location API and permissions in Marshmallow
Although it can be difficult to imagine, someday your child will have a career of his or her own. He or she will likely start a family, buy a home and start having their own children. So, while being a kid is still extremely important, it’s also …
An introduction to basic programming syntax in Java by creating a simple program. Viewers can follow the tutorial as they create their first class in Java. Definitions and explanations about each element are given to help prepare viewers for future …
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now