2

The following command generally works fine on Windows 7 and Windows 10:

psexec \\machine -u username -p password -h -c -f script.bat

However, on Windows 10 when 'machine' is the localhost, I receive the error below: 

Could not start PSEXESVC on localhost:
Access is denied.

The error message goes away if I run the command at an elevated prompt. Is there anyway to avoid this? What specifically is causing the issue on the local machine on Windows 10?

Improve this question
1
  • This is due to the differences between Windows 10 and Windows 7, Windows 10 elevates a process by implicit request from a user, Windows 7 didn't require that
    – Ramhound
    Commented Jul 15, 2016 at 11:37

1 Answer 1

Reset to default
0 
psexec \\machine -u USERNAMR -p PASSWORD -h -c -f script.bat

or just omit -p PASSWORD to securely prompt for password:

psexec \\machine -u USERNAMR -h -c -f script.bat

-h is to "run with the account's elevated token, if available". So, if you don't run your CMD with elevated privileges, no elevated token is available! There's nothing wrong with Windows. It needs either an elevated token, or elevated credentials to gain that token.

Improve this answer
5
  • On the first point, I was already entering the password, so I've amended my question to reflect that. On your second point, why does Windows not require an elevated token when running the script on a remote machine?
    – Franzl
    Commented Jul 15, 2016 at 11:05
  • What version of Windows, the command should require a UAC prompt on any version of Windows greater than 8.
    – Ramhound
    Commented Jul 15, 2016 at 11:38
  • The local and target machines are both running Windows 10. When running psexec on the local machine, from a non-elevated prompt, script.bat runs on the target machine elevated. However, this doesn't happen if the local and target machine are the same. The user is a domain account in the Administrators group on both machines.
    – Franzl
    Commented Jul 15, 2016 at 11:57
  • You are right. My guess is it needs to access \\localhost\admin$ and that's an administrative share. so, because it's a local address, it tries to use the current token, instead the credentials you provided.
    – NetwOrchestration
    Commented Jul 15, 2016 at 12:38
  • @Ramhound I just tried on a system with disabled UAC and LocalAccountTokenFilterPolicy set to disabled (accesible administrative share from network) and still no luck! It's something sysinternals should fix.
    – NetwOrchestration
    Commented Jul 15, 2016 at 12:45

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .