Quick and simple way to enable Remote Desktop (RDP) via psexec
4 Steps total
PSEXEC is a standalone executable file that allows you to run commands on remote machines.
You can download the tool from here:
http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
You can add the location of psexec to your %PATH% variable or simple copy the psexec to C:\WINDOWS\System32\ folder.
After that simply open a command line and type psexec /? to test its functioning accordingly
Open a command line and type the follwoing:
psexec \machinename reg add hklm\system\currentcontrolset\control\terminal server /f /v fDenyTSConnections /t REG_DWORD /d 0
This adds a registry entry enabling RDP connections.
Open a command line and type the following
psexec \remotecomputername netsh firewall set service remoteadmin enable psexec \remotecomputername netsh firewall set service remotedesktop enable:
With this you have successfully configured a remote machine to enable RDP sessions and configured the firewall to allow the connections on the correct ports.
Other Examples
The following command launches an interactive command prompt on
\\marklap computer name:
psexec -i \\marklap cmd
This command executes IpConfig on the remote system with the /all
switch, and displays the resulting output locally:
psexec -i \\marklap ipconfig /all
This command copies the program test.exe to the remote system and
executes it interactively:
psexec -i \\marklap -c test.exe
Specify the full path to a program that is already installed on a remote system if its not on the system's path:
psexec -i \\marklap c:\bin\test.exe
Run Regedit interactively in the System account to view the contents of the SAM and SECURITY keys::
psexec -i -d -s c:\windows\regedit.exe
To run Internet Explorer as with limited-user privileges use this command:
psexec -l -d "c:\program files\internet explorer\iexplore.exe"
No comments:
Post a Comment