Access denied using psexec when connect to remote server
I use latest version of PsExec, and execute Command Prompt as Run as Administrator. We use PsExec v2.11
MY_MACHINE is on MY_DOMAIN domain.
REMOTE_SERVER is on OTHER_DOMAIN domain.
user_partner is on DOMAIN_PARTNER.NET.
For execute a simple Server connectivity test (for eg. From my machine MY_MACHINE to REMOTE_SERVER server)
C:\Tests\GRMDeployment\Tools>PsExec \\REMOTE_SERVER.OTHER_DOMAIN.local -u OTHER_DOMAIN\USER_FOR_TFS -p **PASS** cmd.exe /v /c echo ^%computername^%
PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
REMOTE_SERVER
cmd.exe exited on REMOTE_SERVER.OTHER_DOMAIN.local with error code 0.
Another partner in another domain, it gets Accesss denied error.
The user to log into the machine is DOMAIN_PARTNER\user_partner.
COMPUTERNAME=WS001S90-01-JEN
USERDNSDOMAIN=DOMAIN_PARTNER.NET
USERDOMAIN=DOMAIN_PARTNER
USERNAME=user_partner
USERPROFILE=C:\Users\user_partner
I checked the ports used by PSExec, 445 and 135, and both are open on the REMOTE_SERVER.OTHER_DOMAIN.local machine:
nc -z REMOTE_SERVER.OTHER_DOMAIN.local 445
Connection to REMOTE_SERVER.OTHER_DOMAIN.local port 445 [tcp/microsoft-ds] succeeded!
nc -z REMOTE_SERVER.OTHER_DOMAIN.local 135
Connection to REMOTE_SERVER.OTHER_DOMAIN.local port 135 [tcp/epmap] succeeded!
The directory is accessible from Explorer:
\\REMOTE_SERVER.OTHER_DOMAIN.local\SharedFolder
I get Access is Denied error, also with Admin user.
PsExec \\REMOTE_SERVER.OTHER_DOMAIN.local -u OTHER_DOMAIN\TFSADMIN -p xxxxx cmd.exe /v /c echo ^%computername^%
I try Add a Windows credential.
Internet or network address: REMOTE_SERVER.OTHER_DOMAIN.local
User Name: OTHER_DOMAIN\USER_FOR_TFS
Password: **PASS**
And I get the same error.
Then, I try this:
C:\Users\user_partner>net user administrator /enable:yes
The command completed successfully.
C:\Users\user_partner>PsExec \\REMOTE_SERVER.OTHER_DOMAIN.local -u OTHER_DOMAIN\USER_FOR_TFS -p xxxxxx cmd.exe /v /c echo ^%computername^%
PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
Couldn't access REMOTE_SERVER.OTHER_DOMAIN.local:
Access is denied.
Other test:
C:\Users\user_partner>PsExec \\REMOTE_SERVER -u OTHER_DOMAIN\USER_FOR_TFS -p **PASS** cmd.exe /v /c echo ^%computername^%
PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
Couldn't access REMOTE_SERVER:
The network path was not found.
Other test, using the ip, I get Access denied:
C:\Users\user_partner>PsExec \\10.254.6.40 -u OTHER_DOMAIN\USER_FOR_TFS -p **PASS** cmd.exe /v /c echo ^%computername^%
PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
Couldn't access 10.254.6.40:
Access is denied.
Other test
runas /user:OTHER_DOMAIN\USER_FOR_TFS cmd
PsExec \\REMOTE_SERVER.OTHER_DOMAIN.local -u OTHER_DOMAIN\USER_FOR_TFS -p **PASS** cmd.exe /v /c echo ^%computername^%
Any suggestions?
Answer
try the following:
- try to disable UAC on the target machine - TRY THIS FIRST!
- check if you can access \admin$ share on the target machine
- try to use a domain user and not a local user. this domain user must be admin on the target machine
- try to add the name and password to credentials cache with
cmdkeybefore using psexec
using cmdkey:
cmdkey.exe /add:MACHINE_NAME /user:MACHINE_NAME\Administrator /pass:PASSWORD
psexec.exe \\MACHINE_NAME cmd
cmdkey.exe /delete:MACHINE_NAME
5. try to disbale uac for remote users by running this on the target machine
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f