# Need help with some commands!!!



## Loope (Jun 10, 2009)

Ok, so this isn't really programing what so ever, but I need help, and didn'y know where eles to post, so here it goes...

During the workday when I don't have access to peoples machines I have been starting to use the CMD to take care of what I need, but I am running into problems either when creating a .bat or writing as I go with spaces.


```
psexec -i -d -s c:\program files\spiceworks\spiceworks_desktop.exe
```
or


```
reg add \\machinename\HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server /v fDenyTSConnections /t REG_DWORD /d 0 /f
```
Anytime that a spce is required, such as "program files" or "terminal server" it comes back with "Error: Invalid command-line parameters" Then reason for it is the space in the file name. Is there anyway around this short of changing the files names? How do you annotate spaces when typing commands?


----------



## TheOutcaste (Mar 19, 2009)

Use quotes around the items with spaces:

```
psexec -i -d -s "c:\program files\spiceworks\spiceworks_desktop.exe"
reg add "\\machinename\HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
```


----------



## Loope (Jun 10, 2009)

Thanks!

Wondering if you could answer one more...
PsTools vs RUNAS command

Which do you perfer using?

Also, until the switch to Active Directory is made we are still using Novel which we have no System Admin password, we only have local admin accounts. Via command prompt how can I access their machines using local credentials? The psexec command from PsTools returns:

"Coundn't access computername
Logon failure: unknown user name or bad password."

Both of which are known good local accounts

And then I will use RUNAS like this:


```
runas /user:computername\administrator cmd[\code]

It will return asking me the password then open a new CMD box titled cmd (running as computername\administrator) but everything is the computer I'm on.  

Basicly what I'm asking is what is a good way to run commands on other coputer in the Workgroup using local admin passwords.
```


----------



## TheOutcaste (Mar 19, 2009)

*RunAs* runs commands on the local PC as a different user, it won't access a different PC.

*PSExec* should work, but the positioning of the username is important.
*PsExec \\Computername -U Username command*
If you put the username _after_ the command it won't even prompt for the password, it will just give the *unknown user name or bad password* message

```
C:\Users\TheOutcaste>psexec \\XP-SP2 ipconfig -u Administrator

PsExec v1.97 - Execute processes remotely
Copyright (C) 2001-2009 Mark Russinovich
Sysinternals - [url]www.sysinternals.com[/url]

Couldn't access XP-SP2:
Logon failure: unknown user name or bad password.

C:\Users\TheOutcaste>
```


```
C:\Users\TheOutcaste>psexec \\XP-SP2 -u Administrator ipconfig

PsExec v1.97 - Execute processes remotely
Copyright (C) 2001-2009 Mark Russinovich
Sysinternals - [url]www.sysinternals.com[/url]

Password:


Windows IP Configuration


Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : 
        IP Address. . . . . . . . . . . . : 192.168.9.233
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.9.5
ipconfig exited on XP-SP2 with error code 0.

C:\Users\TheOutcaste>
```


----------



## Loope (Jun 10, 2009)

YEAH!!! it worked! I am glad you cliafied the RUNAS command, thank you. I did notice that the machine I was trying to connect to has Remote Desktop enabled, but still would not let me access it, but when I tryed another computer it worked like a charm. With that I assume that if Force Guest is enable in the registry then that could be the reason why I could not connect? See I use Spiceworks, I dont know if you've ever heard of it but its pretty spiffy open source IT management, anyways to have a machine recoginezed a few things have to happen:
Remote Desktop enabled
Force Guest disabled
Firewall ports opened or disabeld all together
WMI & DCOM enabled for admin accound

I still have 36 of my 181 machines not recognized and me working for a state commission it is like pulling teeth trying to get all the PhD's off their machines or to actually log off at the end of the day, I only have a 30 min window in the morning to take care of this before they arrive. So I've been attempting to take care of this via command promt, but I guess thats not possible?


----------



## TheOutcaste (Mar 19, 2009)

If Simple File Sharing (ForceGuest) has not been disabled, and the File and Printer Sharing exception added to the firewall, not a lot you can do remotely. One of the downsides of a Workgroup setup.

You'd need to visit each manchine to configure them, or if the users have admin rights, get them to run a batch file from a shared network folder to configure the system. Something like this should give you access for PSExec and other tools to work:

```
@Echo Off
Reg Add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /V Forceguest /T REG_DWORD /D 0 /F
netsh firewall set service FILEANDPRINT ENABLE SUBNET
netsh firewall set service REMOTEADMIN ENABLE SUBNET
netsh firewall set service REMOTEDESKTOP ENABLE SUBNET
netsh firewall set AllowedProgram %SystemRoot%\system32\sessmgr.exe "Remote Administration"
```
As for logging off at the end of the day, you can use *shutdown /L /T 30* in a Scheduled Task set to run 10-15 minutes after the end of the work day.
I've not tried using that when a workstation .is locked, or a password protected screensaver is running, but should work


----------



## Loope (Jun 10, 2009)

Awesome! I'll have to give that a try, Batch files are a lot easier to run vs. the extra few minis it takes to do it in the GUI. Thank you. Yeah I've thought of using "shutdown", but a little timid about the possible loss of data, even though its on them to save all work. Thank you again for all the help and the tips!


----------

