
Tuesday, July 20, 2010

Pstools part 1

I wrote a wee nice batch file to make a Windows-based client computer in an AD (Active Directory) environment in case pstools, namely psexec, is not cooperative.

For people in the know, pstools is a lot like ssh for Unix (Linux, BSD). I understand that there's a mingw?/cygwin ssh daemon out there, but I haven't used it yet.

Imagine that you're the system administrator and your colleague (let's call her Anna), who is not in the know, is complaining that she does not have, e.g., Internet Explorer on her computer.

Normally a hard-working, competent administrator would have to walk all the way over there, take over the account, and either find the icon for them or directly find the binary for the supposedly missing application and double-click it there, physically, manually.

Say you would like to check the validity of her statement from your current computer without walking all the way over there.

This is where pstools comes in. Imagine that you can find anyone's IP address on the LAN (local area network), because you assigned names to the computers used by your colleagues and put those names in the DNS. Mind you, in AD this registration is done by the DHCP server.

You fire up psexec and you type:


psexec \\roomAcompA -i -U anna -P S3cr3t "C:\Program Files\Internet Explorer\iexplore.exe"


\\roomAcompA stands for computer A in room A; suppose that's the computer where Anna works. The parameter -i stands for interactive, which means the GUI (if available) will be visible to Anna.

You call her up and ask her if anything weird has happened. She'll tell you that Internet Explorer has magically popped out of nowhere.

You can also take over her machine by typing:


psexec \\roomAcompA -s -U administrator -P S00p@S3kr1t "cmd"


The parameter -s stands for "system": the remote process runs under the local System account instead of the named user. This is comparable to local root permissions on Unix systems.

If you're already running pstools as a superuser on the AD network, the -U and -P parameters can be omitted.

You could also pass local commands with system rights like this:


psexec \\roomAcompA -s "cmd" /C "taskkill /pid 0"


This would unabashedly kill a certain process with pid (process ID) 0 with system rights. This is just an example of what you could do with psexec.

For listing and killing processes, pstools also has pslist and pskill.
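An added example, not part of the original post: the -P switch puts the password on the command line, where process-creation logs and shell history can record it, so this Python code audits logged psexec command lines for -P, -s and -i and redacts the password. The function name, the finding labels and the restriction to the switches used in this post are assumptions of the example.

```python
import re

# Assumption: only the switches used in this post (-i, -s, -U, -P) are
# interpreted; they are matched case-insensitively.
TAKES_VALUE = {"-u", "-p"}
FLAGS = {"-s": "system-account", "-i": "interactive-session"}

# The three commands from this post, as a command-line log field would hold them.
SAMPLES = [
    r'psexec \\roomAcompA -i -U anna -P S3cr3t "C:\Program Files\Internet Explorer\iexplore.exe"',
    r'psexec \\roomAcompA -s -U administrator -P S00p@S3kr1t "cmd"',
    r'psexec \\roomAcompA -s "cmd" /C "taskkill /pid 0"',
]

def audit_psexec(cmdline):
    """Return (redacted_cmdline, findings) for one logged command line."""
    tokens = re.findall(r'"[^"]*"|\S+', cmdline)  # keep quoted arguments whole
    if not tokens or not re.search(r'(^|[\\/"])psexec(64)?(\.exe)?"?$', tokens[0], re.I):
        return cmdline, []                        # not a psexec invocation
    findings, out, i = [], [tokens[0]], 1
    while i < len(tokens):
        tok, low = tokens[i], tokens[i].lower()
        if low in TAKES_VALUE and i + 1 < len(tokens):
            value = tokens[i + 1]
            if low == "-p":                       # password readable by anyone with log access
                findings.append("cleartext-password")
                value = "<redacted>"
            out += [tok, value]
            i += 1
        elif low in FLAGS:
            findings.append(FLAGS[low])
            out.append(tok)
            if low == "-i" and i + 1 < len(tokens) and tokens[i + 1].isdigit():
                out.append(tokens[i + 1])         # optional session number after -i
                i += 1
        elif tok.startswith("\\\\") or tok.startswith("-"):
            out.append(tok)                       # remote target or an uninterpreted switch
        else:
            out += tokens[i:]                     # remote command starts here: copy verbatim
            break
        i += 1
    return " ".join(out), findings

if __name__ == "__main__":
    for line in SAMPLES:
        redacted, findings = audit_psexec(line)
        print(", ".join(findings) or "none", "|", redacted)
```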
