1

I have the following function for connecting to a remote client machine and running an executable on it.

I copied it from a response on this site, but don't have the link anymore, so I'm not sure who to give credit to.

    public static void ConnectToRemoteClient(string client_machine, string user, string password, string target_exe )
    {
        var connection = new ConnectionOptions();
        // The '.\' is for a local user on the remote machine
        // or 'mydomain\user' for a domain user
        connection.Username = user;
        connection.Password = password;


        object[] theProcessToRun = { target_exe };

        var wmiScope = new ManagementScope($@"\\{client_machine}\root\cimv2", connection);

        wmiScope.Connect();

        using (var managementClass = new ManagementClass(wmiScope, new ManagementPath("Win32_Process"), new ObjectGetOptions()))
        {
            managementClass.InvokeMethod("Create", theProcessToRun );
        }   
    }

It is called using the following syntax:

    string exe = string.Format("taskkill.exe {0} {1}", @"/F", @"/PID 8704");
    ConnectToRemoteClient("ClientMachine", @"Domain\Username", @"password", exe);

It works just fine for executables that exist on the remote client machine.

However, I want to call an executable from a server, and run it on that remote client machine.

Not sure how best to approach this. I tried feeding it the following:

    ConnectToRemoteClient("ClientMachine", @"Domain\User", @"password", @"\\ServerName\MyDir\Myfile.exe");

But it never initiated the executable on the machine. No error messages.

The reason I want to do this, is to save me from having to copy the large executable and supporting files to each client, but rather just run it from the server depot on each remote client.

Do I have to call a CMD window and feed it the \\ServerName\MyDir\Myfile.exe in order to get it to work properly? or is there a way I can make this work?

Improve this question
2
  • But when you execute the EXE on the server, it must be copied over the network to the clients memory space - so in your design you are in effect copying the EXE every time you want to run it, rather than copying it to the client just the once. Besides; any reasonably virus scanner will just stop you doing what you are trying to do. You have to deploy the code. Commented Feb 6, 2018 at 21:03
  • PhillipH, that is correct, but this makes it easier for us because we can remote into the client machines, start the executable and just let it run, as opposed to waiting for it to copy all the supporting files down to the client. The users just want to remote into machines, go to the same location, doubleclick executable from the same spot and then move onto the next machine. Commented Feb 8, 2018 at 18:33

1 Answer 1

Reset to default
2

You are connecting to the remote machine using the passed credentials, but that only establishes your rights to open WMI. The command you then pass to WMI to execute is not running as the credentials you pass in, but under the LocalSystem account credentials.

LocalSystem does not have access to the network share.

To do this you need to remotely execute PSEXEC (https://ss64.com/nt/psexec.html) which allows you to pass the parameters to launch the application as. PSEXEC runs as LocalSystem but allows you to pass credentials to use when it launches your designated application. The launched program will then impersonate the user you pass in, and will have access to the network share.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.