WMI remote exectution where exectuable resides on a remote share

[satv73]

Hi everybody,
I am facing a problem with remote execution. The following is my
scenario:

1) Machine_A tries to connect to Machine_B via WMI and execute
\\Machine_C\share\application.exe
2) The credentials that I use to connect to Machine B has enough rights
to
access MachineC's Share.


I am using the following code:
Const SW_NORMAL = 1
strComputer = "MACHINE_B"
strCommand = \\MACHINE_C\Share\Application.exe
Set objLocator = CreateObject("WbemScripting.SWbemLocator")
Set objWMIService = objLocator.ConnectServer(strComputer,"root\cimv2",

"mydomain\userX","mypass")


Set objStartup = objWMIService.Get("Win32_ProcessStartup")
Set objConfig = objStartup.SpawnInstance_
objConfig.ShowWindow = SW_NORMAL


Set objProcess = objWMIService.Get("Win32_Process")
intReturn = objProcess.Create _
(strCommand, Null, objConfig, intProcessID)
If intReturn <> 0 Then
Wscript.Echo "Process could not be created." & _
vbNewLine & "Command line: " & strCommand & _
vbNewLine & "Return value: " & intReturn
Else
Wscript.Echo "Process created." & _
vbNewLine & "Command line: " & strCommand & _
vbNewLine & "Process ID: " & intProcessID
End If


I always get the following output:
Process could not be created.
Command line: \\Machine_C\Share\Application.exe
Return value: 2
[But remote execution of local executable on Machine_B always works]


Please let me know what is wrong.
Thanks
Sathish

 

[robin.granberg]

Hi Sathish,

WMI is restricted to the local machine. You can not connect remote to
another machine and execute a command or access anything on a secondary
machine.

Br
Robin

(e-mail address removed) skrev:

 

[satv73]

Thanks for the response. I have observed another behaviour which needs
clarification.

I moved the files from Machine_C to Machine_A and now Machine_A tries
to launch the shared file(on Machine_A) on Machine_B, it fails which is
expected.

But Instead of launching \\Machine_A\Share\application.exe, I tried to
launch like this: "AT <Next minute> /interactive
\\Machine_A\Share\application.exe and it worked! [All the machines are
in the same domain, but if this target machine is on another domain, it
fails].

Thanks
Sathish

 

[canix]

If you dont want to activate Trusted for delegation then you can
schedule a job on the remote computer that runs the command on the 3rd
machine. The only drawback is that you will have a delay for one
minute.

' ScriptName = RunInteractively.vbs
' Author = Robin Granberg
Option Explicit

Dim strComputer
Dim strUser
Dim strPassword
Dim strMin
Dim objLocator
Dim objWMIService
Dim objNewJob
Dim errJobCreated
Dim strBias
Dim strDate
Dim objEnumerator
Dim objInstance
Dim strTime
Dim JobId
Dim intJobDay
Dim strCommand

strCommand = "\\srv1-alt-mst\calc.exe"
strMin = 1
strComputer = "cmp1-alt-mst"
strUser = "domain\user"
strPassword = "password"

strTime = GetScheduleTime(strMin)
strDate = ConDate(Date())
intJobDay = GetScheduledDay()

Set objLocator = CreateObject("WbemScripting.SWbemLocator")
Set objWMIService = objLocator.ConnectServer
(strComputer,"root\cimv2",strUser,strPassword)

Set objEnumerator=objWMIService.ExecQuery("Select * From
Win32_TimeZone")
For Each objInstance in objEnumerator
strBias = objInstance.Bias
Next
Select Case Len(strBias)
Case 2
strBias = "+0" & strBias
Case 3
strBias = "+" & strBias
End Select

Set objNewJob = objWMIService.Get("Win32_ScheduledJob")
errJobCreated = objNewJob.Create(strCommand, strDate & strTime &
"00.000000" &strBias,False, intJobDay,,False, JobID)

Function ConDate(strDate)
Dim strDay
Dim strMonth
Dim strYear
Dim strMyDate

strDay = Day(strDate)
If Len(strDay) < 2 Then
strDay = "0" & strDay
End If
strMonth = Month(strDate)
If Len(strMonth) < 2 Then
strMonth = "0" & strMonth
End If
strMyDate = Year(strDate) & strMonth & strDay
ConDate = strMyDate
End Function

Function GetScheduleTime(strDelayMinutes)

Dim strTime
Dim strNewDate
Dim MyArr
Dim Col
Dim strNewTime
strTime = Now()
strNewDate = DateAdd("n", 1, strTime)
strNewDate = FormatDateTime(strNewdate, 4)
MyArr = Split(strNewDate,":",-1,1)
For Each Col In MyArr
strNewTime = strNewTime & Col
Next
GetScheduleTime = Trim(strNewTime)

End Function

Function GetScheduledDay()
Dim intWeekday
Dim intDay
intWeekday = Weekday(Date())
Select Case intWeekday
Case 1
intDay = 63
Case 2
intDay = 1
Case 3
intDay = 2
Case 4
intDay = 4
Case 5
intDay = 8
Case 6
intDay = 16
Case 7
intDay = 32
End Select

GetScheduledDay = intDay

End Function


(e-mail address removed) skrev:

Thanks for the response. I have observed another behaviour which needs
clarification.

I moved the files from Machine_C to Machine_A and now Machine_A tries
to launch the shared file(on Machine_A) on Machine_B, it fails which is
expected.

But Instead of launching \\Machine_A\Share\application.exe, I tried to
launch like this: "AT <Next minute> /interactive
\\Machine_A\Share\application.exe and it worked! [All the machines are
in the same domain, but if this target machine is on another domain, it
fails].

Thanks
Sathish

 

[satv73]

Thanks Canix, but Trusted Delegation is my last step. A minute
delay(or two) is fine. But can you tell me whether it will work
without problems on the same domain based on the behaviour that I
observed? [please see my previous posting]

Thanks
Sathish

 

[canix]

Hi Sathish,

The problem with working over domains is that the schduled job will be
run by "system" ,which is the computer account in AD. This account does
not have right to resources in other domians unless you have a trust
between the two domains and you have given the Machine_B account access
to the shared file. What you could do is to execute the command with a
script that uses another account.
If you copies a script to Machine_B before you run the scheduling and
then runs that script in the scheduled job.
..
..
objFSO.CopyFile "C:\Scripts\Interactive.vbs", _
"\\Machine_B\C$\Scripts\", OverWriteExisting
..
..
..

strCommand = "C:\Scripts\Interactive.vbs"
..
..
..
Set objNewJob = objWMIService.Get("Win32_ScheduledJob")
errJobCreated = objNewJob.Create(strCommand, strDate & strTime &
"00.000000" &strBias,False, intJobDay,,False, JobID)


Then you could run this command in the Interactive.vbs:
'Interactive.vbs
Dim oShell
Set oShell = WScript.CreateObject ("WSCript.shell")
oShell.run "cmd /K runas /user:domainB\userB
\\DomainB_Machine\Share\application.exe"
Set oShell = Nothing

 

[Unsettled]

I know this is an old thread, but it touches on a pet peeve of mine --
why do people like to confidently respond with misleading/wrong/false
information with such certainty?

 

[Sam Hobbs]

I agree.

The keyword is "certainty". It is not so much of a problem if they say they
are uncertain. I am most frustrated that so few people are concerned about
that.

People are more likely to criticize uncertainty than they are to say
something about unproductive over-confidence such as you have commented
about here.

 

[canix]

Please be more specific.
If you have another opionion about what is right or wrong in this
subject it would be more productive to add some value to the thread!

 

[Sam Hobbs]

I am concerned that many people do not want off-topic discussion. I would
like to say more but I don't want to be innapropriate. So instead of
implying it is wrong for me to not say more, perhaps you want to give me
permission to say more.

You can email me directly; the email address I provide can be edited into a
valid address. Perhaps we can clarify my message so that I don't have to
clutter this newsgroup unnecessarily.