08 February 2016

How to run an application as a different user

I often have the need to run applications with different credentials. For instance I may need to connect to a website that users Windows integrated authentication, but I need to use my admin account, not my normal logon to access this. Instead of logging off or switching users I simply created a batch script which launches IE with a different set of credentials.

runas /user:[domain]\[user account] "C:\Program Files (x86)\Internet Explorer\iexplore.exe \"[URL]\""

You can use the runas command to run any application you like, just substitute the values above.
Also note that doing as above will prompt you for your password when you run it, so it is best for interactive use. You can store your password in the batch script, but I would not recommend this.

14 October 2015

Restarting Windows XP Mode Virtual Machine via script

Let me give you some background into the problem that I had. I have several users who use an application that does not work on Windows 7, so I had to load Windows XP mode on their machines to allow them to access the software. The software in question uses a trusted connection to connect to a database server so the users have to logon to the Windows XP mode VM with their Active Directory credentials. This works pretty well up until the point that the user has to change their AD password. The Windows XP Mode VM never actually shuts down after the application is used, it goes into hibernate / suspended mode and therefore the users old credentials are still cached on the VM and the connection to the DB server fails.

The way to resolve this is to reboot the VM, but this is a huge pain in the butt when you have to get VNC access to a machine and run through the whole process of launching the VM and restarting it, so I made some scripts to make my life a bit easier.

Please note that you require administrator privileges on the remote system in order to execute these scripts. You could modify them to include username and password if required. The Virtual machine also needs to be running, so ask the user to open the app that is giving them issues and execute the deploy script. The user can then goto C:\scripts and run the resart-vm.bat file to restart the VM on their machine. This saves me a ton of time and I hope you find it useful.

Scripts list:
restart-vm.ps1Powershell script that restarts the Virtual machine.
restart-vm.batBatch script to execute the powershell script.
deploy-restart-vm.batScript copies the files to the remote system C:\Scripts directory. Allows input of host name.

$vpc = New-Object -ComObject "virtualpc.application" 
$vm = $vpc.FindVirtualMachine("Windows XP Mode") 

powershell -ExecutionPolicy ByPass -File C:\Scripts\restart-vm.ps1

@echo off
echo Deploy shutdown-vm script to remote host.
echo -----------------------------------------
set /p host="Please enter host name: "

echo Deploy shutdown-vm script to remote host.
echo -----------------------------------------
echo remote host: %host%
echo Making directory on remote machine
md \\%host%\c$\scripts
echo Copying files to remote host
xcopy /Y C:\Scripts\Deploy\restart-vm\restart-vm.* \\%host%\c$\scripts

Backup and Compress SQL Server Express Backup

I have multiple MS SQL express servers that I need to manage and backup and I have found that the backups can get quite large, so I looked into methods of compressing the backups. I found that there is a builtin method in SQL server, but this is only for a licensed copy of SQL server, not for the express edition. So being the hacker that I am I decided to do it myself with some scripting and 7zip.

This is the process:

  • backup SQL server DB.
  • compress backup file with 7zip. (7zip website)
  • rename the file and copy it to a backup location.
  • send an email notification that the backup completed using blat.
It sounds simple right? Well it can be a bit difficult to tie it all together so here are some scripts that I have used to achieve this.
  1. Create backup device
    • Open SQL server management studio
    • Expand Server Objects
    • Right Click Backup Devices
    • Click new backup device
    • Give the device a name (you need this for the batch script so try excluding spaces) and give it a backup path. I prefer using another disk and a simple path, something like D:\backups\db-backup.bak
  2. Backup Database Script
    • The backup batch script should look something like below, just substitute the databasename to the name of the database you are backing up and backup-location to the name of the backup device you specified above.

      sqlcmd -S localhost\databasename -E -Q "BACKUP DATABASE [databasename] TO [backup-location]"

      IF NOT EXIST "
      set subject=Backup error : SQL Backup failed
          set body=SQL Backup failed. %date% %time%
          GOTO SENDMSG
  3. Compress the backup file using 7zip and rename file
    • Again update the script below accordingly. Remember the 7zip directory needs to have no spaces otherwise the script does not work.

      set zipdir=C:\progra~1\7-Zip
      %zipdir%\7z.exe a "D:\backup\db-backup.bak" "D:\backup\db-backup-%date:~0,4%%date:~5,2%%date:~8,2%.7z"

      set subject=Backup error : 7zip failed
          set body=7zip operation failed. %date% %time% 
          GOTO SENDMSG
  4. Copy the file to a remote location
    • This is pretty simple again just update the script as per you needs

      xcopy "D:\backup\db-backup-%date:~0,4%%date:~5,2%%date:~8,2%.7z" "\\backupserver\folder" /s /d

      IF EXIST 
          set subject=Backup successful
          set body=Backup successful. %date% %time%
          GOTO SENDMSG
  5. Send email message
    • This function requires BLAT, just download blat and copy it to a directory something like C:\blat. It s a great command line app that I have used before for sending mails from some PHP scripts.

      set blatlocation=C:\blat
      set smtpserver=mail.myserver.com
      REM add addresses separated by commas
      set toaddress=address@myserver.com
      set fromaddress=address@myserver.com
      set appname=SQL Backup App

      %blatlocation%\blat.exe -to %toaddress% -i "%appname%" -server %smtpserver% -f %fromaddress% -subject "%appname% : %subject%" -body "%body%"
      GOTO END

05 October 2015

Remote Administration Using PSTools

PSTools is one of the most useful suites of applications out there for a network administrator. The toolkit consists of several command line applications that allow you to perform remote administrative functions such as interrogate processes and services. Below is a list of my favorite tools and how I use them on a daily basis. Please note that you require administrative privileges on the remote system to be able to use these tools.


pslist allows you to get a list of the running processes on a remote system. I use this to see if users are running a particular process that I want to kill on their machine or not. It can be useful to troubleshoot certain issues or just determine if a user is running a specific application on their machine.

pslist examples
get a list of all the process on the machine:
pslist \\computername

get a list of all the processes starting with i
pslist \\computername i


pskill allows you to kill a process on a remote machine. This is particularly useful if you have a user who is running an application that they shouldn't and you want to shut it down remotely without them noticing it was you or if there is a non-responsive app on a remote computer for instance I have found that adobe acrobat reader often leaves instances running in the background and consumes user resources.

pskill examples
Kill iTunes on the remote computer
pskill \\computername itunes.exe


psexec allows you to remotely execute an application on a machine. This is useful to run remote scripted installs.

psexec examples
Open notepad on the remote computer (may not be visible to logged on user)
psexec \\computername notepad.exe

Copy the batch file to the remote computer and execute it. Batch file will map a network drive and call an installer.
psexec \\computername -C remote_install.bat


psloggedon gives you a list of all the users logged onto a remote computer. This is a great way to tell who is loggedon to a machine so you can phone them up and ask them why they are running a game you just noticed using pslist.

psloggedon exampled
Get a list of users logged on to a remote computer
psloggedon \\computername