WMI - how to set the software installation process visible on a remote computer using WMI

Posted on 2004-03-22
Last Modified: 2009-07-29

I am trying to install a 3rd party software (primalscripttrial.exe)  on the remote computer using the local admin previledges. Here is the working code that i have written

***** the connection to WMI is working fine, so I havent mentioned the code for that, because it includes the user credentials.

     patch = "C:\primalscripttrial.exe"
strexecute = mid(patch, instrRev((patch), "\")+1)

     Set objStartup = objSWbemServices.Get("Win32_ProcessStartup")
     Set objConfig = objStartup.SpawnInstance_
     objConfig.ShowWindow = 5

     Set oprocess = objSWbemServices.Get("Win32_Process")

errReturn = oprocess.Create(Mid(share,1,1) & ":\"& strexecute ,Mid(share,1,1) & ":\"& sTempDir,objConfig,lintprocessID)

 The errReturn returns  a value = 0, so my code works fine.
But when I go and see the desktop of the remote computer, there is no visible installation window shown.But if i open up the task manager, under processes i see the primalscripttrial.exe process running with 0% memory utilization.
I really would like to see the software installation process visible on the remote computer, Does anybody know how to set it up ?

Question by:godkedar
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 5
  • 4
  • +3

Accepted Solution

xassets earned 168 total points
ID: 10652948
Couple of ideas

1. Although you had permission to create the process, the process didn't have permission to the box.
2. I would not expect the process to show because its running in its own session under the system account
3. Theres another way if the boxes are all nt, 2000, xp, 2003...below
4. If your exe was on the network you need to create a null session share and give access to ANONYMOUS_LOGON in order for the system account to have the necessary privelages

at \\computername 10:20 /interactive myprogram myargs

or logon scripts of course, errrr maybe not.

Even with the "at" command, point 2. above might still be true.

Some lateral options might be remote desktop or maybe some kind of remote control software.

There's another way to do GetObject("Win32_Process") which might just move the goalposts enough to get it working.

            Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!" & _
                    "\\" & sComputer & _

            lError = objWMIService.Create(sEXE & " " & sCommandLine, Null, Null, lProcess)

But this certainly won't be visible on the users screen.

My money would be on number 4 above!

Author Comment

ID: 10653102

thanks for the quick reply.
I dont need to use ANONYMOUS_LOGON , because i am already using the logon credentials of the local administrator on the remote computer who has all the rights and previledges.

Is there any other setting that i am missing in the code ?

the process is still not visible on the remote computer.All the remote computers are on windows 2000 platform.

Expert Comment

ID: 10653186
Is it sat there forever or does it end ? Maybe its raised a messagebox and is waiting for user input, but being in a remote session, it can't access the screen.

I'm not that familiar with using WMI to launch visible process on another box, in fact I thought it was impossible. You would need a way to somehow connect to another users session using WMI. On windows 2000 you could have many sessions (TS clients), how would it know which session to connect to ?

Hopefully another expert will come along who knows.
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 49

Assisted Solution

DanRollins earned 166 total points
ID: 10653780
Have you seen the example here?

The CoInitializeSecurity call might be the key.  What values are you using?

Obvious diagnostic:  Try to run Notepade.EXE on the other computrer.

Author Comment

ID: 10654901
i am using the VBscript to call WMI and install software on the remote computer. And I dont know how to set CoInitializeSecurity  value in VBscript for the WMI.

LVL 49

Expert Comment

ID: 10655156
hmmm... I was looking at the C++ sample by habit.

My guess is it could be related to the ConnectServer and security settings.  Please show that (changing the username and password of course).

Also, trye this:

s= "winmgmts:{impersonationLevel=impersonate}!" & _
                    "\\" & sComputer & _

Set objWMIService = GetObject(s)

and eyeball the string variable s to make sure there isn't an esy-to-spot error in it.

Did you have nay success starting Notepad.Exe?

-- Dan

Expert Comment

ID: 10655614
Hi Dan, that example seems to connect to the local machine. I changed it to a remote machine as follows
            Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!" & _
                    "\\" & sComputer & _
and when I was a domain admin it created calc.exe but it was not visible to the screen, as I said above, wmi creates its own session and I don't know any way to connect to a particular session such as the main screen or a ts client. I would be really interested in finding a way to create processes which are visible to the end user.

However, using AT, I was able to make it appear on the desktop session of the remote machine

at \\computername 07:26 /interactive notepad.exe

LVL 49

Expert Comment

ID: 10655921
In this This google groups thread...

an Ms rep said, in part:
>> The remote process must be non-interactive and cannot access remote
resoyrces (like UNC paths)...

In this thd, the posters bemoan that this was a result of installing SP3

more confirmation:

My search was:

Ergo, the answer is:  It is failing because it can't be done via WMI.

-- Dan

Expert Comment

ID: 10655980
I think it may be possible outside of / with the assistance of wmi.

Given that you can run a process on that machine, albeit invisible cos its in another session, means you have control of the machines cpu

There must be a windows api way of connecting to the existing users session from that wmi process. Otherwise how does xp remote assistance work ? Theres a "Remote Assistance Automation Framework" which would allow the development of remote desktop type apps. Maybe theres something in there which allows the launching of the process. Sadly the documentation looks a bit thin and I think the development effort may not justify the askers needs.


Expert Comment

ID: 10655991
Just trying to find out the background..

..if the process is going to be visible to the end user, you'd really want the user to invoke it. You don't want some patch management application jump out at you when you're in the middle of banging in some accounting report in excel.

So why not just get the user to launch the process ?

Theres other solutions, you could knock up a system tray vb program which is an activex exe which can be CreateObject 'ed from the remote console. That can shell the app in the users process. You could easily deploy that through WMI as discussed by adding it to the "Run" registry key/


Author Comment

ID: 10657983
Hello All,

Thanks for the information, and the confirmation that the process can not be launched as a visible one on the Remote laptop.
Just as a followup of the last comment added by xassets.

""""Theres other solutions, you could knock up a system tray vb program which is an activex exe which can be CreateObject 'ed from the remote console. That can shell the app in the users process. You could easily deploy that through WMI as discussed by adding it to the "Run" registry key/""""

How do i do this ? Do u have a snippet of code for this ?
LVL 10

Expert Comment

ID: 10658036
primalscripttrial REQUIRES a graphical window (I use the licensed ver and it rocks)

You will only be able to do what you are doing if a user is logged in during the time when you run the remote install

Author Comment

ID: 10658062
User is logged in ..still the same problems

Expert Comment

ID: 10658153
Hi godkedar, I reckon you'd need a vb6 programmer, but here goes.

Create a vb project of type "Active X EXE" , lets say its called "Launcher"
Add a module and In Sub Main call the Windows API functions to make it sit in the system tray (or don't bother, just leave it as a windowless app)
Add a class called Invoke and give it a method such as RunProg, make the class publicly creatable
Program the RunProg method to take a command line argument
Public Sub Execute(sCommand as string)
    Shell sCommand
End Sub
Compile this and set it running on a test machine (which would be a client), and register it on your central machine

Write another VB program with the code

set obj=createobject("Launcher.Invoke", sComputerName)
obj.Execute "primalscriptthingy /options"

Write yet another VB program to deploy onto machines
(a) copy the exe (you could keep it on a share instead)
(b) Set a remote registry key to run your VB ActiveX EXE (the HKLM/Software/MS../W../Run)
(c) Once the machine has rebooted, your exe should be resident

Really this is all out of my head and you'll probably need to debug etc to get it working

Whats wrong with the "AT" command in my previous comment, with /interactive ? That will work I reckon and you don't get all this programming grief.


Expert Comment

ID: 10658227
Hey before you go any further - would the remote launcher thing at do the job ?

It sounds like a good alternative to WMI for launching stuff, but I've never used it and don't know if it can hook into the users session.

Kavar / Dan can you remember what its called?
LVL 10

Assisted Solution

Kavar earned 166 total points
ID: 10660208
no, I don't,  but try this

'****************Begin Script***************

Dim UserName
Dim Password
Dim ServerFile
Dim WorkStationName
Dim Command
Dim ClientWindowsDir
Dim ClientScriptText
Dim ExeFile
Dim ExeSource

UserName="Your Domain\Your Username"
'i.e. "Spaceport\SpaceManSpiff"
WorkStationName="The Target Of your attack"
'i mean the machine you are remote executing on
ExeFile="The remote executable name"
'ie PrimalScriptTrial.exe
Password="Your Password"
'i.e. If you need an example of this, better not run this script

On Error Resume Next
Const HKEY_LOCAL_MACHINE = &H80000002
Set objRegProv = GetObject("winmgmts:!\\" & WorkStationName & "\root\default:StdRegProv")
strKefPath="SOFTWARE\Microsoft\Windows NT\CurrentVersion"
objRegProv.GetStringValue HKEY_LOCAL_MACHINE,strKefPath,CStr("PathName"),ClientWindowsDir
If ClientWindowsDir="" Then
      WScript.Echo "Could not Find Client Windows Directory, Cannot Continue"
End If
'quit if a error occured
IfErrOut("Accessing Remote Registry")

'create clientSideScript
Set fso=CreateObject("Scripting.Filesystemobject")
ClientScriptText="set wsh=createObject(" & Chr(34) & "" & Chr(34) & ")| " & chr(34) & "c:\" & ExeFile & chr(34)  & "|"
set RemoteScript=fso.createtextfile("\\" & WorkStationName & "\c$\runit.vbs")
RemoteScript.write Replace(ClientScriptText,"|",vbcrlf)
IfErrOut("Writing RemoteScript")

'copy any source files necessary
call fso.copyFile(ExeSource,"\\" & WorkStationName & "\c$\" & ExeFile)
IfErrOut("Copying Necessary Files")

Command=ClientWindowsDir & "\system32\cscript.exe c:\runit.vbs"
IfErrOut("Running Script Remotely")

FSO.DeleteFile("\\" & WorkStationName & "c$\" & ExeFile)
FSO.DeleteFile("\\" & WorkStationName & "c$\runit.vbs")
IfErrOut("Cleaning Up Temp Files")

Function RunScript(sServer,nCommand,nUsername,nPassword)
      On Error Resume Next
      Set Service = ConnectServer(sServer,nUsername,npassword)
      Set Proc= Service.Get("Win32_Process")
      Dim PID

Select Case result
      Case 0
            Message="Successful completion "
      Case 2
            Message="Access denied"
      Case 3
            Message="Insufficient privilege"
      Case 8
            Message="Not enough storage is available to process this command"
      Case 9
            Message="Path not found"
      Case 21
            Message="Invalid parameter"
      Case else
            Message="Unknown error"
End Select
End Function

Function ConnectServer(sServer,sUser,sPassword)
On Error Resume next
  Set objLocator = CreateObject("WbemScripting.SWbemLocator")
  'Connect to the namespace which is either local or remote
  Set objService = objLocator.ConnectServer (sServer,"root\cimv2", sUser, sPassword)
  'ObjService.Security_.impersonationlevel = 3
  Select Case Err.Number
      Case -2147024891
            WScript.Echo "Access is Denied"
            Exit Function      
      Case -2147217405
            WScript.Echo "Insufficient Privileges on " & Server
            Exit Function
      Case -2147217394
            WScript.Echo "Invalid Namespace"
            Exit function
      Case 0
            Set ConnectServer=objService
      Case Else
            WScript.Echo Err.Number & ":" & Err.Description
            wscript.echo sServer & sUser & sPassword
End Select

End Function

Function IfErrOut(WhatText)
If Err.Number Then
      WScript.echo WhatText & Vbcrlf & "Err: " & Err.Number & ":" & Err.Description
End If
End Function
'******************End Script*******************

Expert Comment

ID: 10661248
Its called psexec, came to me as soon as I opened a beer.

The above looks good, but how will it connect to the desktop session ?
LVL 10

Expert Comment

ID: 10661291
I am not sure why, but I thought I would give it a try, when I did this here (using primalscripttrial30.exe) it worked.... I guess cscript/wscript is able to grab a interactive session if one is open ... (a user still needs to be logged in)
LVL 49

Expert Comment

ID: 10827727
recommendation:  A 3-way split xassets, Kavar, and DanRollins

Expert Comment

ID: 10827794
the xassets account is no longer used.
LVL 49

Expert Comment

ID: 10828171
That does not exclude xassets from getting points if he earned them :)
LVL 20

Expert Comment

ID: 10831139
>>the xassets account is no longer used.

He had used it when he had made these comments here :) So he can get the points if he had answered.

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Entering a date in Microsoft Access can be tricky. A typo can cause month and day to be shuffled, entering the day only causes an error, as does entering, say, day 31 in June. This article shows how an inputmask supported by code can help the user a…
Although it can be difficult to imagine, someday your child will have a career of his or her own. He or she will likely start a family, buy a home and start having their own children. So, while being a kid is still extremely important, it’s also …
An introduction to basic programming syntax in Java by creating a simple program. Viewers can follow the tutorial as they create their first class in Java. Definitions and explanations about each element are given to help prepare viewers for future …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question