Errors starting PsExec to run a program as a local service

windows psexec sysinternals
19,865

As a workaround, try omitting the -i (interactive) switch, making the new syntax:

psexec64 -u "nt authority\network service" C:\Windows\System32\cmd.exe

According to PSExec's help for this switch:

Run the program so that it interacts with the desktop of the specified session on the remote system. If no session is specified the process runs in the console session.

With the -i switch you would normally get the new Command Prompt in a separate window. Without it, a separate window won't appear, but you'll still get connected to the new CMD.EXE process running in the context of the NT Authority\Network Service user account. You can verify this by running WHOAMI at the prompt.

Share:
19,865
user626528
Author by

user626528

Updated on September 18, 2022

Comments

  • user626528
    user626528 over 1 year

    When I run the following command from an Administrative Command Prompt:

    psexec64 -i -u "nt authority\network service" C:\Windows\System32\cmd.exe

    I'm getting these error messages:

    Couldn't install PSEXESVC service:
The operation completed successfully.
Error establishing communication with PsExec service on MYPC:
The operation completed successfully.

    I'm running this on Windows 7 x64 SP1. The PSEXESVC service is installed and running. I get the same results when using the 32-bit version of psexec.

    Any ideas how to fix this problem?

    • I say Reinstate Monica
      I say Reinstate Monica over 6 years
      Can you get by without using the -i switch, if that makes a difference?
    • HackSlash
      HackSlash over 6 years
      I just ran your command example and it worked. It took a really long time to connect to my local machine. Maybe your user account doesn't have the correct permissions. It's possible that security software is stopping this questionable behavior from completing.
    • HackSlash
      HackSlash over 6 years
      Also, it installed the service, ran, and then deleted the service when it was done. Maybe you can't have two services running at the same time.
    • harrymc
      harrymc over 6 years
      If you want to become System, use the -s parameter.
    • user626528
      user626528 over 6 years
      @Twisty Impersonator, no.
    • user626528
      user626528 over 6 years
      @HackSlash, it's an Administrator account. Antivirus is disabled. The same errors.
    • user626528
      user626528 over 6 years
      @harrymc, the same error.
    • HackSlash
      HackSlash over 6 years
      Reboot in safe mode and try again.
    • user626528
      user626528 over 6 years
      @HackSlash, no success.
    • Vomit IT - Chunky Mess Style
      Vomit IT - Chunky Mess Style over 6 years
      How about including the -h switch/parameter? Read over docs.microsoft.com/en-us/sysinternals/downloads/psexec but it states for -h "If the target system is Vista or higher, has the process run with the account's elevated token, if available" give that a simple shot if you've not already.
    • user626528
      user626528 over 6 years
      @IT Snuggles, I want to run it with lowered rights, rather than elevated.
    • Vomit IT - Chunky Mess Style
      Vomit IT - Chunky Mess Style over 6 years
      Okay then simply try running the psexec64 -i -u "nt authority\network service" C:\Windows\System32\cmd.exe from a right-click run as administrator elevated command prompt and see if that does what you expect. You might simply need to run the psexec command initially elevated somehow whether that be from an elevated command prompt first, a saved credential with elevated permissions, elevated right click run as administrator batch script or perhaps a saved shortcut with applicable settings set to have privilege level set to Run this program as administrator, etc.
    • Vomit IT - Chunky Mess Style
      Vomit IT - Chunky Mess Style over 6 years
      So while the initial psexec command may need to run elevated the subsequent and correlated command prompt window or whatever will only be allowed to run commands as the -u switch credential and only be able to perform commands or whatever which it has permissions and in this case that's the nt authority\network service account.
    • user626528
      user626528 over 6 years
      @IT Snuggles, that's how it was already done, see the question description.
    • user626528
      user626528 over 6 years
      @IT Snuggles, the `-h' key didn't change nothing.
    • Vomit IT - Chunky Mess Style
      Vomit IT - Chunky Mess Style over 6 years
      Look over this post and see if you see anything helpful or related in it then: stackoverflow.com/questions/31683374/…. I'm not able to reproduce this error you get up top but that post seems to have some detail related to the issue I suppose.
    • user626528
      user626528 over 6 years
      Must be something wrong with my Windows installation. The error messages aren't much useful, though.
    • user626528
      user626528 over 6 years
      @IT Snuggles, no success with sfc.
    • Vomit IT - Chunky Mess Style
      Vomit IT - Chunky Mess Style over 6 years
      Try the solutions from the answers people provided and provide some feedback on those. Seems to be a permission related issue so look in Event Viewer from the machine it is failing to run against. Also per that other post I left in a comment, ensure the dynamically created exe which the service process points to is not duplicated, trying to be created in a dir which you have no access, etc. on the Windows install. I'm simply just not able to recreate this issue to get the exact same errors as your question lists so I'm not sure other than that post link I provided at this point.
  • user626528
    user626528 over 6 years
    As I've already written to you in the comments, this didn't work.
  • I say Reinstate Monica
    I say Reinstate Monica over 6 years
    Meaning you get the same error?
  • user626528
    user626528 over 6 years
    yes the same error.
  • I say Reinstate Monica
    I say Reinstate Monica over 6 years
    @user626528 Have you tried doing this while logged in with the built-in administrator account?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Could not start PSEXESVC service on [MachineName]: Access is denied
Executing a batch file in a remote machine through PsExec
Session ID in PSExec
BGInfo error occurred opening the Default Desktop registry key
Psexec and UAC issue
PsExec is not copying file over to execute
PSTools: PSExec not working on 64-bit Windows 7
Why does RUNAS command work but PSEXEC doesn't in this case?
PsExec: The user name or password is incorrect
Why can't I use PSExec on a Windows domain without disabling the firewall?