markwilson.it

Using psexec to make registry changes on a remote computer

Written by

Mark Wilson

in

So, here’s the problem. I’m in the UK and I want to send a 15MB file to someone in Australia. My Windows Live SkyDrive and Mesh accounts have 5MB limits (and there is no Mac client for Mesh for a point to point connection). I have an FTP server I can use but I need to create a new user account and I’m many miles away from the server. Of course, being Internet-facing, the FTP server is in a DMZ, so I’m careful about which services it is running but I can use a Remote Desktop Connection to connect to another computer and then use a second remote desktop session to access the FTP server from inside the firewall. At least, I should have been able to, if I’d enabled remote desktop… and I hadn’t.

I tried to connect to the registry remotely and enable Remote Desktop using the method that Daniel Petri describes but that failed:

Error connecting network registry
Unable to connect to ipaddress. Make sure you have permission to administer this computer.

I wasn’t sure what was preventing access to the remote registry (the target is a fully patched Windows Server 2003 R2 computer) but I needed another method of access. That method was a Microsoft SysInternals tool called psexec which allowed me to bypass whatever security I was having trouble with and run commands on the remote server. First I edited the registry to allow Remote Desktop:

psexec \\ipaddress -u username -p password reg add "hklm\system\currentcontrolset\control\terminal server" /f /v fDenyTSConnections /t REG_DWORD /d 0

and was pleased to see that:

reg exited on ipaddress with error code 0.

Next I checked the value I’d just set:

psexec \\ipaddress -u username -p password reg query "hklm\system\currentcontrolset\control\terminal server"

Before I restarted the server:

psexec \\ipaddress -u username -p password shutdown -f -r -t 0

After this, I could RDP onto the console and make the changes that I needed.

If all the command line exercise is a little daunting, then it looks as though Phil Morgan’s RD Enable XP will also optionally call psexec to do the same thing…

Comments

2 responses to “Using psexec to make registry changes on a remote computer”

  1. Fix Registry Errors avatar
    Fix Registry Errors

    Thanks for the writeup. We’ve never had to get this advanced in the registry – the most we’ve done is “regedit” type stuff. Hehe – anyways, thanks for the help, marking this down and might need it someday.

  2. farmhousenetworking avatar
    farmhousenetworking

    Here are a couple modifications / additions:

    You might also need to open the firewall to RDP: psexec.exe \ipaddress -s netsh firewall set service RemoteDesktop enable
    You can run the shutdown command without psexec: shutdown /m computername /r /t 0 /f

    Notice that I use -s in the first command. It runs things in the System account.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More posts