Validate pass on remote computer (PsExec)

[jb11]

I am writing an installer utility that utilizes PsExec and I am trying to validate logon information. I am able to validate the host credentials by using something I found earlier on the site:

Local $valid = True
RunAs($username, @ComputerName, $password, 0, @ComSpec & " /c echo test", @SystemDir, @SW_HIDE)
If @error Then $valid = False
Return $valid

What I would like to do is run basically the same validation on a remote computer. I found out that I can run:

RunAs($username, @ComputerName, $password, 0, @ScriptDir & '\PSEXEC.EXE" \\' & $computer & ' -u ' & $username & ' -p ' & $password & ' cmd /c echo test')

The only issue is that PsExec returns Error Code 0, which registers as an error even though it means it was successful. What I really would like to do is disable that error code, but I have not found a way to do it. So my alternative is to somehow handle the output of that error, except that I cannot seem to read the output locally to a variable. I would rather not use the write to file method. I have tried several variations of the StdoutRead/StderrRead snippets I have seen in other posts but cannot get them to work.

Does anybody have any suggestions as to how I might get this working, or an alternative?

Thanks

[BrewManNH]

What are you trying to do, because I'm not clear on what it is you are attempting.

[JLogan3o13]

I'm with BrewManNH, your request isn't very clear. It sounds as thought you are either A: just trying to validate that someone is currently logged in, or B: trying to find out the username of the person currently logged into the workstation. Is one of these closer to what you meant?

[jb11]

I am writing a portable installer utility for myself and others in my IT department that is basically a GUI to PsExec. In order to run PsExec as admin (when not on local admin or an account with admin privs) I included fields for entering a user/pass, which is Administrator by default. I had basic input validation on it to prevent blank input, etc., but then I thought I would actually have it validate the user/pass on the machine before you can proceed.

Then I realized that if I or another tech used this tool in another environment, there is a possibility that machines may have or need different logon credentials, so I created a second set of input fields for the target machine. What I want to do is validate the user/pass on the target machine using a similar method.

I ran the PsExec line I posted above in CMD and am able to run the echo test, but as i said. it returns Error Code 0, which to the

If @error

in the main script still registers as an error, so it breaks the test. I have been playing with StdoutRead/StderrRead in order to handle the Error Code 0, but am having issues effectively reading the console output from the target machine into the local script. Edited September 12, 2012 by jb11

[BrewManNH]

RunAs doesn't return the exitcode of the program it ran, it returns the PID of that program, so you're not getting a 0 from PSExec, you're getting a PID. The only time @error will be set is if the program you tried to run didn't run. So, in effect the check is correct, there is an error.

Are you checking for an error right after the RunAs command? Because if you're not, then the @error is reset by the next function that you run.

[jb11]

I was testing with this:

Local $valid = True
RunAs($username, @ComputerName, $password, 0, @ScriptDir & '\PSEXEC.EXE" \\' & $computer & ' -u ' & $username & ' -p ' & $password & ' cmd /c echo test')
If @error Then $valid = False
$n = @error
;Return $valid
MsgBox(0, "test", $valid & " " & $n)

I know that when I run the code locally (without PsExec), it is successful and I get True 0. But then when I run this code above, I get False 1. So you are saying that 1 is the PID?

Either way, is there any way to capture the error output from PsExec when it runs the command on the remote machine? That way I can just handle the Error Code 0 as a valid run.

[BrewManNH]

One thing I just noticed is that your quotes are in the wrong places. You have a single double quote in there right after the PSEXEC.exe command that does nothing. I hadn't noticed it before, but it's there in every one of your snippets, so I'm assuming that's the actual line you're using.

Another thing, why are you running psexec using RunAs on the local machine? Doesn't it run using the logged in user's credentials?

[jb11]

I guess when I was playing with the code I left that in there and then I copied from my first post to the last, which is why it was still there. I am not running PsExec on the local machine, only for the remote machine. I am using RunAs for both instances so that I can ensure that it is being run with admin privs. I want to be able to run the utility from anywhere regardless of the profile, as long as the user has the appropriate credentials. This block is to validate those credentials not only on the local machine but the target machine. Below is just testing the validation, so I am not actually running both lines at the same time. My production code differentiates between local and remote validations.

This is what I am using:

Local $execPath = @ScriptDir & '\PsExec.exe'
Local $valid = True

;RunAs($username, @ComputerName, $password, 0, @ComSpec & " /c echo test", @SystemDir, @SW_HIDE) ;Test Local

RunAs($username, @ComputerName, $password, 0, $execPath & ' \\' & $computer & ' -u ' & $username & ' -p ' & $password & ' cmd /c echo test') ;Test Remote

If @error Then $valid = False
$n = @error
;Return $valid
MsgBox(0, "test", $valid & " " & $n)

That double quote fixed one problem but now I have another. Now it is returning positive regardless of the success on the remote computer. I tested with the correct pass and it echoed "test". I tried with the incorrect pass and it gave me a logon failure but I still came back valid in the test above. I just want to handle the output of the remote command so that I can validate the credentials on the remote machine.

[BrewManNH]

Use RunAsWait if you want the exitcode of the program being run. The return from RunAs is the PID and whether or not it could run the program, not what the results of running the program is.

[jb11]

That works; now I can just handle the exitcode. Learning something new every day. Thanks!