Jump to content
Sign in to follow this  
weirddave

%windir% folder on a networked PC

Recommended Posts

Is there a way to determine via a script (running on say, "PC1") the windows install folder on a networked machine (for example, "PC2"), without running a script on it which could report the information? I know it will always be c:\windows for the PCs I want to use this with but it would be nice to do it the right way...

Share this post


Link to post
Share on other sites

Just use \\PC2\C$\Windows or \\PC2\Admin$ both requires admin privileges on PC2, otherwise map the drive and use credentials.

Share this post


Link to post
Share on other sites

Yes, I could do that as I am pretty sure all the PCs will be configured that way, I was just wondering is there was a 'proper' way to determine the current windows folder remotely (I I have seen systems where it isn't c:\windows).

Share this post


Link to post
Share on other sites

u can use cmd commend like :
echo %windir% to get winpath ,

then use any remote cmd execution method to run it remotly for any  pc in domain like
PSexec 
remote WMIC

 

Share this post


Link to post
Share on other sites

the Windows installation path, as well as other important paths, is stored in the registry. look here:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion

reading the remote registry is a one-liner in AutoIt with the RegRead() function.

(of course, admin rights on the target are assumed.)

 

 

Share this post


Link to post
Share on other sites

Only issue with registry is that you require RemoteRegistry service enabled, which by default for Windows 7 and above is disabled.

Another option is to use WMI

MsgBox(4096, "Remote Windows Dir", _GetRemoteWindowsDir("RemotePCName"))

Func _GetRemoteWindowsDir($_sComputerName = @ComputerName)
    Local $sRemoteWinDir = ""
    Local $oWMIService = ObjGet("winmgmts:\\" & $_sComputerName & "\root\CIMV2")
    Local $oColItems = $oWMIService.ExecQuery("SELECT * FROM Win32_OperatingSystem", "WQL", 0x30)
    If IsObj($oColItems) then
        For $oColItem In $oColItems
            $sRemoteWinDir = $oColItem.WindowsDirectory
        Next
    EndIf
   Return $sRemoteWinDir
EndFunc

 

Share this post


Link to post
Share on other sites

to my best understanding, the Remote Registry service is required for modifying the registry on the target pc, whereas reading the registry requires no more than administrative rights (and sometimes even lesser rights, but that's a rare occasion).

i did not extensively test remote WMI operation, however i did encounter this interesting article about remote WMI, including security concerns.

 

Share this post


Link to post
Share on other sites
23 minutes ago, orbs said:

to my best understanding, the Remote Registry service is required for modifying the registry on the target pc, whereas reading the registry requires no more than administrative rights (and sometimes even lesser rights, but that's a rare occasion).

"The RemoteRegistry Windows Service must be enabled on the remote computer you wish to view or edit the registry on."

Tested on my home network, it needs to be started on the remote computer even if it is just reading...

Share this post


Link to post
Share on other sites

Just for reference you can enable RemoteRegistry service via command prompt or script, here are instructions I've written for our helpdesk staff, where some old machines don't have RemoteRegistry already configured.:
 

Quote

To enable RemoteRegistry service remotely you can use SC a command line program for communicating with the Service Control Manager and services:

To Enable and Start the Remote Registry Service on the computer named "RemotePC" you would use the following steps:

•    Open: Administrative Command Prompt
Nb: The logon account requires Administrative privileges on the remote system, so use Run-As Other User if required.
•    Type: SC \\RemotePC CONFIG RemoteRegistry START= AUTO
Important: A space is required between the equal sign and the value i.e. "= AUTO"
•    Type: SC \\RemotePC START RemoteRegistry

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...