From http://www.sysinternals.com/ntw2k/freeware/psexec.shtml
"If you omit a username the remote process runs in the same account from which you execute PsExec, but because the remote process is impersonating it will not have access to network resources on the remote system. When you specify a username the remote process executes in the account specified, and will have access to any network resources the account has access to. Note that the password is transmitted in clear text to the remote system."
Since most of us run ServersAlive in the localsystem context, to use psexec, we need to specify credentials at the command line. As stated above, this means that every time the psexec process is triggered, those credentials are passed across the wire in plain text. I think this is what Alistair was driving at. If there is a way to do this where the credentials are not transmitted in the clear and the commands are encrypted it would have a serious advantage over psexec.
I am not an expert. Correct me if I'm wrong.
Nate
From: "Harald Bilke" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: [SA-list] Remote command as alert
Date: Tue, 23 Nov 2004 14:34:10 +0100
MIME-Version: 1.0
Received: from woodstone.nu ([208.255.176.2]) by mc7-f5.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Tue, 23 Nov 2004 05:37:40 -0800
Received: from LPNW5.lanplus.de [62.157.143.36] by twinstar.com (SMTPD32-7.15) id AC9C64950122; Tue, 23 Nov 2004 08:35:24 -0500
Received: from dellhry by LPNW5.lanplus.de (Unoverica 2.90l)id 00000DFC; Tue, 23 Nov 2004 14:35:26 +0100
X-Message-Info: JGTYoYF78jGQzCwDe0BmvFdWLhA4oZaR
References: <[EMAIL PROTECTED]>
Organization: lan+, G�ttingen
User-Agent: Opera M2/7.54 (Win32, build 3865)
X-RBL-Warning: REVDNS: This E-mail was sent from a MUA/MTA 62.157.143.36 with no reverse DNS entry. [2-11-5800]
X-Declude-Sender: [EMAIL PROTECTED] [62.157.143.36]
X-Note: This E-mail was scanned by Declude JunkMail (www.declude.com) for spam.
X-Spam-Tests-Failed: REVDNS
Precedence: bulk
Return-Path: [EMAIL PROTECTED]
X-OriginalArrivalTime: 23 Nov 2004 13:37:40.0615 (UTC) FILETIME=[9A6E0170:01C4D161]
Hi/3
On Tue, 23 Nov 2004 14:08:02 +0100, Dirk Bulinckx <[EMAIL PROTECTED]> wrote:
psexec is not integrated into SA, it's an external command to run...
Okay from an "ease-of-use point-of-view" you are right. You have to download pstools from sysinternals, have to plough thru the (small) docs/help screen etc. Having it in ServersAlive you and/or the admin has more control.
And there might be some diffs in what context your service and a remote command might run.
But still I think most admins should be able to utilize the psexec and if there are some other tasks in the queue I'd tend to set "remote execution" lower on the agenda.
Just my 2 eurocents
Harald
BTW: I really like ServersAlive and always come back to it.
--
Mit freundlichen Gr�ssen / Sincerely
Harald Bilke, lan+, G�ttingen
Dateianh�nge mit folgenden Erweiterungen werden gel�scht/We won't accept the following attachments:
exe, scr, pif, vb[es], js, jse, ws[fh], sh[sb], lnk, bat, cmd, com, ht[ab]
Using Opera's revolutionary e-mail client: http://www.opera.com/m2/
-------------------------
[This E-mail scanned for viruses by Declude Virus]
To unsubscribe from a list, send a mail message to [EMAIL PROTECTED] With the following in the body of the message: unsubscribe SAlive
-------------------------
[This E-mail scanned for viruses by Declude Virus]
To unsubscribe from a list, send a mail message to [EMAIL PROTECTED] With the following in the body of the message: unsubscribe SAlive
