Solved

Running processes on remote machines -- access denied (problem with admin$ share??)

Posted on 2004-03-25
5
1,638 Views
Last Modified: 2013-12-04
Hi all,

I am trying to use psexec from www.sysinternals.com to run processes on remote computers. Everything is Windows XP (Home/Professional - tried all combinations without luck). The bottom line is that it doesn't work for me. At some point I received an error message about the "admin$" share. I get the same error message when trying to use the admin$ share. That's why I suspect the problem is the admin$ share. Anyway I've put more details below.

The admin$ share on the remote computer has been created as follows:

C:\>net share admin$
admin$ wurde erfolgreich freigegeben.


Shares on the remote computer look as follows:

C:\>net share

Name         Ressource                       Beschreibung

-------------------------------------------------------------------------------
admin$       C:\WINDOWS                      Remoteadmin
IPC$                                         Remote-IPC
C            C:\
Der Befehl wurde erfolgreich ausgeführt.



However, running psexec does not work:

C:\>psexec -u xxx -p yyy \\computername ipconfig /all

PsExec v1.52 - Execute processes remotely
Copyright (C) 2001-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

Couldn't access computername:
Zugriff verweigert


Connecting to the admin$ doesn't work either - same error message

C:\>net use \\computername\admin$
Das Kennwort für \\computername\admin$ ist ungültig.

Drücken Sie die EINGABETASTE, oder geben Sie einen neuen Benutzernamen ein, um eine
Verbindung zwischen "computername\Gast" und "computername" herzustellen: username
Geben Sie das Kennwort für "computername" ein:
Systemfehler 5 aufgetreten.

Zugriff verweigert


(english translation: invalid password for \\computername\admin$, press enter key or enter new user name to connect to computername. ... system error 5 occuered ... access denied)

Thanks in advance
Holsche


0
Comment
Question by:Holsche
  • 3
5 Comments
 
LVL 7

Accepted Solution

by:
YarnoSG earned 250 total points
ID: 10680362
You need to establish an administrative connection first.

net use \\TargetPC\ipc$ /user:TargetPC\Administrator AdminPassword

THEN do your PSExec.

_________

Auf Deutsch:
Sie müssen einen administrativen Anschluß zuerst herstellen.

NET USE \\TargetPC\ipc$ /user:TargetPC\Administrator AdminPassword

Tun Sie dann Ihr PSEXEC
0
 
LVL 7

Expert Comment

by:YarnoSG
ID: 10680392
to clarify-  The account you are logged in locally does not have administrative rights on the REMOTE machine-  you need to establish your identity to the remote machine with administrative credentials, hence the "/User:TargetPC\Administrator AdminPassword"

_____________
das Konto zu erklären, das Sie innen am Ort geloggt werden hat nicht administrative Rechte auf REMOTEMASCHINE Sie Ihre Identität zur Remotemaschine mit administrativen Bescheinigungen herstellen müssen, folglich "/User:TargetPC\Administrator AdminPassword"
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10680786
I could also be a policy on the remote computer, that disables use of the admin share.
http://support.microsoft.com/?kbid=306300

It describes how to DISABLE use of the admin share

*** quote ***
Click Start, click Run, type gpedit.msc, and then click OK.
In the Group Policy editor, click to expand Computer Configuration, click to expand Administrative Templates, click to expand Windows Components, and then click to expand Terminal Services.
Double-click the Do not allow new client connections policy.
Set the policy to Enabled, and then click OK.
You can also use the following procedure to disable Remote Desktop; however, if you use the preceding procedure, the following configuration is overridden:
Right-click My Computer and click Properties.
Click the Remote tab.
In the Remote Desktop section, click to clear Allow users to connect remotely to this computer, and then click OK.
NOTE: Remote Desktop is not available in Windows XP Home Edition.
***end of quote ***

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 
LVL 7

Expert Comment

by:YarnoSG
ID: 10681048
Also If the remote PC is XP, you will need to do this ON the PC if it is not in a domain:

Start | Programs | Administrative Tools | Local Security Policy
Security Settings
Sharing Mode-  Change this to "Classic Mode - Local users Authenticate as Themselves"  (as opposed to "Guest only" the default model)

this fix will be applied after a restart

See:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/winxppro/proddocs/506.asp?frame=true
0
 

Author Comment

by:Holsche
ID: 10685074
Thanks, YarnoSG - that was the solution !
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question