Saturday, September 12, 2015

Execute almost any command remotely on Windows using WMI

Whenever I want to perform a task remotely, WMI (Windows Management Instrumentation) is my first choice. I can do whatever I want remotely: run processes, get information, set up configuration. It is an API to Windows. I have already written many articles on it; one of them is Change DNS IP address remotely. In this article I will be adding a domain group to a remote machine's local group. My earlier article was on the same topic, but it used Group Policy. When I do it through WMI, I can select the computers where I want to change settings. By contrast, to apply a GPO to specific computers I have to put those computer accounts in a specific OU in AD, and maintaining computer accounts within AD can sometimes be cumbersome.

The only limitation I have found so far with WMI is that you cannot run files stored on a UNC path, or map a UNC path, directly on the remote machine. For that you will have to make changes to the remote computer accounts in AD (add the trusted computer as a delegate). See my other post.

In this article I will be adding a domain group to a local group on the remote machine. I have created a RemoteAccess group in my AD. Note that there is no space in the RemoteAccess group account name; if you don't use any spaces, your script will be successful 100%. I will be adding the domain group RemoteAccess to the local machine group named "Remote Desktop Users".
On my server I have a C:\Temp folder in which I created 2 files. One is Computers.txt; it contains the list of all my computers' hostnames and IP addresses.
The other file is a DOS batch file that I have named Script.bat and kept in the same location, C:\Temp. The contents of the batch file are as below; I have also attached a screenshot.

@echo off
FOR /f "tokens=*" %%G IN (Computers.txt) DO (
wmic /Node:%%G process call create 'net localgroup "Remote Desktop Users" vcloud\RemoteAccess /add')


As per the screenshot, in case you want to change the names and location, try to keep both files in the same location. You can change the green underlined text according to your needs; don't change the rest of the code.
Now open a CMD prompt on the server where you will be running the bat script. You don't need to run cmd as administrator, but the account running this script must be an administrator on the remote machine. I am using vcloud\vkunal, which is my domain admin account; by default Domain Admin is added to the Administrators group on all machines.
The first command, cd C:\temp, takes you to the directory. Next, dir lets you check that all the necessary files are present. The final one is Script.bat; once it has executed you will see the return value 0, which means successful. Below is the meaning of all the return codes; it will help you resolve other codes.
Successful completion (0)
Access denied (2)
Insufficient privilege (3)
Unknown failure (8)
Path not found (9)
Invalid parameter (21)
Other (22–4294967295)
If you got return code 0, go ahead and check the remote computer for the changes.
WMI is very handy for doing all sorts of work on Windows. You can execute almost any process using WMI. If you want to run such processes with my batch file, just replace the code between the single quotes with your own. Below are some of the programs you may like to run remotely.

Group Policy update (gpupdate)
Killing a process (Taskkill)
Restart services (SC)
Create local users, or change administrator password 
Getting Bios serial number using wmic bios get serialnumber
Disk information
Complete Inventory.
and many more ....

You can now also perform the same task with PowerShell; here is how.

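# Prompt for an account that is an administrator on the remote machine
$credentials = Get-Credential
# -List returns the Win32_Process class object, which exposes the Create method
$RunProc = Get-WmiObject -List Win32_Process -ComputerName "ComputerName" -Credential $credentials
$results = $RunProc.Create("notepad.exe")
# ReturnValue 0 means the process was created
$results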
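
The batch loop and the return code list above can be combined in PowerShell so that every host in Computers.txt is reported with the meaning of its code. This is an added example, not code from the original post; the function name Invoke-RemoteCommand is an assumption, and it calls the same Win32_Process class through Invoke-WmiMethod in Windows PowerShell.

```powershell
# Added example, not from the original post. Invoke-RemoteCommand is an assumed helper name.
# Return values of Win32_Process.Create, as listed in the post.
$ReturnCodes = @{
    '0'  = 'Successful completion'
    '2'  = 'Access denied'
    '3'  = 'Insufficient privilege'
    '8'  = 'Unknown failure'
    '9'  = 'Path not found'
    '21' = 'Invalid parameter'
}

function Invoke-RemoteCommand {
    param(
        [Parameter(Mandatory)] [string[]] $ComputerName,
        [Parameter(Mandatory)] [string]   $CommandLine,
        [System.Management.Automation.PSCredential] $Credential
    )
    foreach ($computer in $ComputerName) {
        $wmiArgs = @{
            Class        = 'Win32_Process'
            Name         = 'Create'
            ArgumentList = $CommandLine
            ComputerName = $computer
            ErrorAction  = 'Stop'
        }
        if ($Credential) { $wmiArgs['Credential'] = $Credential }
        try {
            # ReturnValue is a UInt32; compare it as a string against the table keys.
            $code = [string](Invoke-WmiMethod @wmiArgs).ReturnValue
            $meaning = $ReturnCodes[$code]
            if (-not $meaning) { $meaning = 'Other' }
        } catch {
            # Host unreachable, RPC blocked or logon refused: no return value at all.
            $code = $null
            $meaning = "WMI call failed: $($_.Exception.Message)"
        }
        [pscustomobject]@{ Computer = $computer; ReturnValue = $code; Meaning = $meaning }
    }
}

# 0 only means the process was started on the remote machine; it is not the exit
# code of net.exe, so group membership still has to be checked on the target.
$list = 'C:\Temp\Computers.txt'
if (Test-Path $list) {
    $targets = @(Get-Content $list | Where-Object { $_.Trim() })
    if ($targets) {
        Invoke-RemoteCommand -ComputerName $targets `
            -CommandLine 'net localgroup "Remote Desktop Users" vcloud\RemoteAccess /add'
    }
}
```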
