Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Reboot SBS2011 box from a non-domain account on the same LAN

Posted on 2016-07-23
12
Medium Priority
?
96 Views
Last Modified: 2016-07-24
Small network with two servers. SBS 2011 & Server 2008.

Just today, nobody can log in remotely or get mail on any device.

The domain admin cannot login either. Gets invalid username or password message.

I can log on remotely to the Server 2008 box as the local admin, but of course that doesn't give me domain privileges.

I want to remotely reboot the SBS box. I've tried using shutdown.exe, but of course authentication fails.

Any suggestion as to how I might achieve this? I'll have physical access tomorrow but would love to solve this today.
0
Comment
Question by:snooflehammer
  • 4
  • 3
  • 3
  • +2
12 Comments
 
LVL 5

Expert Comment

by:Jambon316
ID: 41726212
what about using psexec from the sysinternals.com site.

it should let you push the shutdown command to the remote machine with any admin account details.
0
 

Author Comment

by:snooflehammer
ID: 41726233
You couldn't provide the syntax by any chance?
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 2000 total points
ID: 41726438
it should let you push the shutdown command to the remote machine with any admin account details.

You can't do it without having proper credentials.  And the SBS box does not have a local administrator account.  

Probably your only option at this point is to change the administrator password, but you won't be able to do that remotely unless the server has a DRAC (or similar) card.

Instructions to do this are here:  http://blog.scorpionsoft.com/blog/2012/04/crack-the-cred-episode-105-domain-controller.html
0
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

 
LVL 88

Expert Comment

by:rindi
ID: 41726444
If the server has an iDRAC or ILO module which has been configured, you should be able to logon to that and then force a reboot of the server that way. But if that hasn't occurred to you yet, the server probably doesn't have such a module anyway, or it hasn't been configured for use.

So you would still have to go on site. But you could then configure the iDRAC or ILO or whatever your server model includes so you can use it in the future.
0
 
LVL 5

Expert Comment

by:Jambon316
ID: 41726458
psexec syntax:

psexec \\(hostname or IP address of remote server) -i  -s "c:\windows\shutdown /r"

this sound make the remote server run "shutdown /r" as a system process in whatever session is running on the server.

you should run the command from an elevated command line , as far as I know you don't need domain admin rights as long as you've run the command from an admin command prompt.

let us know if it works for you or not
0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 2000 total points
ID: 41726481
as far as I know you don't need domain admin rights as long as you've run the command from an admin command prompt.

Won't work.  You definitely need Domain Admin rights to reboot a domain controller from psexec.
0
 
LVL 5

Expert Comment

by:Jambon316
ID: 41726503
really? if you're running it as admin , using the switch tech to use the current session on the server + passing the command as a system process?  

I don't know for absolutely sure because this is not a situation I would ever be in, but I'm pretty confident that it can be done. it's not like the OP is swimming in choices here so it's worth giving it a go.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 41726513
You would have to be logged into that machine with an account that is a member of the domain admins group -- and if you are able to do that you are able to log into the server with that same account.

psexec doesn't do any more than what can be done with other commands like shutdown (which didn't work for him) where you can add a \\MACHINENAME parameter.
0
 
LVL 11

Expert Comment

by:Scott Silva
ID: 41726556
And if the machine isn't accepting logins it is most likely stuck in an unstable state and nothing is going to respond except hitting the button...
0
 
LVL 5

Expert Comment

by:Jambon316
ID: 41726565
yes if the machine is not accepting logins and it is not already logged in to a session then I agree, the only option really will be to button it.


how is this normally accessed, do you connect via RDP or do you use  3rd party software (team viewer, logmein etc)
0
 

Author Comment

by:snooflehammer
ID: 41726751
It's going to get buttoned this morning. Severely regretting not configuring ILO :(
0
 

Author Comment

by:snooflehammer
ID: 41727043
This could not be resolved without a manual reboot, so although they didn't answer the requirement to remotely force a reboot in this situation, I've accepted the two answers that best addressed the situation.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this blog, we’ll look at how improvements to Percona XtraDB Cluster improved IST performance.
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question