Tag: Scripting

Allowing PSEXEC on Windows 10 PCs

Allowing PSEXEC on Windows 10 PCs

Background:

PSEXEC is nice little command line utility that I’ve had to use for many years now in managing and troubleshooting Windows PCs remotely. Psexec is part of the PSTOOLS collection by the famed Mark Russinovich. The latest version of Psexec can be downloaded at https://technet.microsoft.com/en-us/sysinternals/pstools.aspx

With Windows 7 and below, as long as you have domain admin rights you are able to run psexec without much drama. Unfortunately, with Windows 10 it isn’t as simple as before as there are plenty of reports of Windows 10 denying your Psexec connections. An example problem widely reported is below.

Allowing-psexec-Windows10

Solution:

To fix this you will need to allow 2 ports – TCP/445 and UDP/137. However, you will want to ensure only the IP addresses of admin PCs or servers are allowed for security reasons.

You will notice that if the remote Windows 10 firewall is disabled, the connection is allowed immediately.  With this fix, the connection can take from 10-15 secs but will be allowed eventually.

Steps:

  1. Connect to the affected Windows 10 PC using your favourite remote access tool (eg VNC, RDP, etc).
  2. Open an ‘elevated’ CMD prompt and enter the commands below (you can copy and paste this 2 lines in one go).
netsh advfirewall firewall add rule name="Allow PSEXEC TCP-445" dir=in action=allow protocol=TCP localport=445 remoteip=(your admin/server IPs here separated by comma and no spaces)

netsh advfirewall firewall add rule name="Allow PSEXEC UDP-137" dir=in action=allow protocol=UDP localport=137 remoteip=(your admin/server IPs here separated by comma and no spaces)

3. Now try to run psexec on your PC using the command below

psexec \\<pc name> cmd

Finally, you are in!

Allowing-psexec-Windows10-2

4. Type exit to close PSEXEC session and return to CMD prompt.

Advertisements