none
PSEXEC does not run with firewall is turned on

    Question

  • Trying to run following command from windows 10 console to Windows 7:

    psexec \\10.10.10.1 -accepteula -nobanner -n 5 -u user -p "passwd" c:\utils\tcpvcon.exe -anc program.exe

    but it gave me en error:

    Couldn't access 10.10.10.1:The network path was not found.Make sure that the default admin$ share is enabled on 10.10.10.1.Could not start PSEXESVC service on 10.10.10.1:The RPC server is unavailable

    my firewall settings:

    netsh advfirewall firewall sh ru name="psexec v lokalni siti" verbose
    
    Název pravidla:                       PSEXEC v lokalni siti
    ----------------------------------------------------------------------
    Povoleno:                             Ano
    Smìr:                                 In
    Profily:                              Doména,Privátní,Veøejná
    Seskupení:
    LocalIP:                              Any
    Vzdálená IP adresa:                   Any
    Protokol:                             TCP
    Místní port:                          135
    Vzdálený port:                        Any
    Funkce Edge traversal:                No
    Služba:                               WinRM
    InterfaceTypes:                       Any
    Zabezpeèení:                          NotRequired
    Zdroj pravidla:                          Místní nastavení
    Akce:                                 Allow
    When firewall is disabled, than it works just fine. What am I doing wrong?

    Tuesday, February 26, 2019 8:50 PM

All replies

  • I too have had issues running psexec.exe just recently. Have you found a resolution? I get path not found also and I've been using my script for over 2 years. Did a MS patch disable psexec.exe remote execution?

    Tuesday, March 19, 2019 11:45 PM
  • You need to have the following set on remote computer:

    enable service "Remote Registry" for PSEXEC to be able to read HKLM\Software\Microsoft\Windows NT\CurrentVersion\Perflib

    execute the following three commands; if you are adding LocalAccountTokenFilterPolicy for the first time then you will need to restart remote computer

    reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f

    netsh advfirewall firewall add rule name="Allow PSEXEC TCP-445" dir=in action=allow protocol=TCP localport=445 remoteip=(your admin/server IPs here separated by comma and no spaces)

    netsh advfirewall firewall add rule name="Allow PSEXEC UDP-137" dir=in action=allow protocol=UDP localport=137 remoteip=(your admin/server IPs here separated by comma and no spaces)


    Wednesday, April 10, 2019 1:02 AM