I would move the first quote to in front of the c:\windows and maybe add user permissions to the remote box in the command line.
From: [email protected] [mailto:[email protected]] On Behalf Of Michael Leone Sent: Tuesday, July 18, 2017 9:02 AM To: [email protected] Subject: [NTSysADM] Running a command with parameters using PSEXEC Notice: This email is from an outside source. Please do not open any attachments, click on any hyperlinks, or respond without first confirming the authenticity of the email. OK, so I'm just stupid today (altho today isn't really any different than any other day ..) I want to run "klist -li 0x3e7 purge" on one of my servers, and I want to do it remotely. So I tried to fire up PSEXEC to do it, and I'm passing the arguments wrong, somehow. C:\SysinternalsSuite>psexec \\dctrweb026<file:///\\dctrweb026> c:\windows\system32\klist "-li 0x3e7 purge" PsExec v2.11 - Execute processes remotely Copyright (C) 2001-2014 Mark Russinovich Sysinternals - www.sysinternals.com<http://www.sysinternals.com> Usage: klist.exe [command] Command list: [tickets] [-lh <LogonId.HighPart>] [-li <LogonId.LowPart>] tgt [-lh <LogonId.HighPart>] [-li <LogonId.LowPart>] purge [-lh <LogonId.HighPart>] [-li <LogonId.LowPart>] sessions [-lh <LogonId.HighPart>] [-li <LogonId.LowPart>] kcd_cache [-lh <LogonId.HighPart>] [-li <LogonId.LowPart>] get <SPN> [-lh <LogonId.HighPart>] [-li <LogonId.LowPart>] [-kdcoptions <options>] add_bind <DOMAIN> <DC> query_bind purge_bind c:\windows\system32\klist exited on dctrweb026 with error code -1. So what did I do wrong on the PSEXEC invocation? I gave it the machine to run on; the full path to the command I want executed; and the arguments for that command. That's what the help says to do. I obviously have rights to do it, but I'm not sending the parameters to klist correctly. It's got to be something simple, and I'll feel like a moron, once somebody points it out to me. But that won't be the first time .. Clues, anyone? (target is Win2012 R2, if it matters) This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email.
