Share via

Copy file with PSExec (PSTools) to multiple computers in same network

BFigueira 21 Reputation points
2022-10-19T11:38:56.03+00:00

Hi,

I'm trying to copy a file from a server on an enterprise network to a specific location on a number of multiple computers in the same network using PSExec and I've got some problems that I wanted to ask you.

First of all, I'm executing these commands from a Virtual machine executing Windows Server 2012 R2 in a local user with administrative rights and using the same credentials I want to use to access the computers.

So this is what I'm doing on my execute.bat:

@echo off  

for /F %%a IN (computers.txt) DO (  

psexec \\%%a -u %%a\<localAdminUser> -p <password> -i -c "\\server1\Folder\CopyFile.bat") >> \\server1\Folder\log3.txt 2>>&1

Right now, computers.txt has only 1 PC, which is mine that is running Windows 10, and we're gonna name it <mylaptop>. \server1 is accessible by every computer on the network with their domain account.

And then, on \server1, this is the CopyFile.bat:

copy "\\server1\Folder\File.xml" "C:\Users\%username%\AppData\Folder"

When I first run execute.bat on my server, nothing happens...I first need to remotely access \server1 using my domain account, and only then I'm able to run execute.bat, and I get this on the log3.txt file:

PsExec v2.4 - Execute processes remotely
Copyright (C) 2001-2022 Mark Russinovich
Sysinternals - www.sysinternals.com

Connecting to <mylaptop>...

Starting PSEXESVC service on <mylaptop>...

Copying authentication key to <mylaptop>...

Connecting with PsExec service on <mylaptop>...

Copying \server1\Folder\CopyFile.bat to <mylaptop>...

Starting \server1\Folder\CopyFile.bat on <mylaptop>...

C:\WINDOWS\system32>copy "\server1\Folder\File.xml" "C:\Users\<localAdminUser>\AppData\Folder"
Username or password is incorrect
CopyFile.bat exited on <mylaptop> with error code 1.

So...it doesn't work. And there's also another problem here, because he is using <localAdminUser> instead of using the domain username that has a active session on the computer, which is what I want when I'm using %username% on the CopyFile.bat. It only works if I use my domain account and use it in the Execute.bat instead of using the <localAdminUser>, like this:

@echo off  

for /F %%a IN (computers.txt) DO (  

psexec \\%%a -u <enterpriseDomain>\<myDomainUser> -p <password> -i -c "\\server1\Folder\CopyFile.bat") >> \\server1\Folder\log3.txt 2>>&1

But doing this is impossible because, obviously, I cannot access every computer on the domain with my username and password, I really need to use the first option where I use the local admin user which is the same in every computer.

What do you think I should do?

Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,240 questions
0 comments
Accepted answer
  1. MotoX80 36,291 Reputation points
    2022-10-24T14:27:02.607+00:00

    Copy "\server1\Folder\File.xml" to c:\temp or some folder. You just need to get it on your local pc.

    Use runas.exe to launch a command prompt with the localadmin account. Then you can run the bat file that iterates through all of the pc names. Since the process is running as the localadmin account you can copy c:\temp\File.xml to \whateverLaptop\c$\users\account.

    Your main problem will be figuring out %username%. One option would be to look for "AppData\Folder" and if it exists, then this must be a valid domain user and not a local .Net account or the Public user.

    You can do that easily in Powershell. 

    $AllPcs = get-content computers.txt     # read in the names  
foreach ($pc in $AllPcs) {  
    "Processing $pc"  
    Get-ChildItem -Path "\\$pc\C$\users" | foreach {  
        $_.name  
        $destination = $_.FullName + "\AppData\Folder\"   
        "Looking for $destination"  
        if (test-Path -path $destination ) {  
            "The folder exists, copy file.xml "  
            Copy-Item -Path "C:\temp\file.xml" -Destination $destination   
        }           
    }  
}

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. MotoX80 36,291 Reputation points
    2022-10-19T14:30:48.983+00:00

    \server1 is accessible by every computer on the network with their domain account.

    That's the problem, you are not using a domain account. Even though you have specified -i, you are not runnng as the desktop user.

    Add another line to your CopyFile.bat. 

    whoami.exe  
copy "\\server1\Folder\File.xml" "C:\Users\%username%\AppData\Folder"

    You will see that the script is being executed as mylaptop\localadmin. Server1 has no way to authenticate that account.

    See also:

    https://learn.microsoft.com/en-us/answers/questions/1050731/psexec-24-option-i-does-not-start-process-in-conso.html

    There is too much that I don't inow about your environment and whatever restrictions that are placed on you to offer a definitive solution.

    An AD logon script that copies the file would be one option. Can you write directly to \mylaptop\c$\users\someusername\whatever? I think that would be faster than using psexec.

    You typically would not use your personal AD account, you would use some domain admin account that your organization uses to manage the desktops.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.