0

Good day

A little background to tell that I have no malicious intents with my question: I am about automatizing my home and make good progress: several dozens of devices can be switched on and off programmatically from any PC in the household using my VB6 application (and there are other features, such as locking a device to prevent it from being turned off).

Now the next step is to implement a self-developed script language to automatize sequential tasks. The language defines programs in task folders. For example does one such program, called "Good Night", have the task to shut down all "non-vital" machines for the night.

But no matter how I try, I seem not to be able to force a PC in my LAN to shut down properly (i.e., to shut it down, or better yet put it into hibernation). Of course I can take away the PC's power, but well...

Shutdown /s /m \\ComputerName seems like the natural choice, but allegedly it does not work for a remote computer after Windows XP. It certainly does not work in my Windows 8.1 environment: it terminates with "Access denied (5)". Running cmd as administrator does not give me the desired access.

How can I achieve my task via the shell? (Or VB6, of course, but when possible via the shell, I should manage in VB6 as well.)

Thanks in advance!

Improve this question
3
  • Why would you invent your own scripting language and not use something that is well established? If you do get an Access denied it's likely that you're lacking permissions. Did you try to supply appropriate credentials? Which would be credentials of the remote machine.
    – Seth
    Commented May 6, 2017 at 13:00
  • @Seth, how would I provide credentials with the Shutdown command in the command prompt window?
    – Herb
    Commented May 6, 2017 at 13:08
  • Running shutdown by itself uses the credentials of the currently logged on user. If those credentials are not for a user on the remote machine with permission to shut it down remotely, you get access denied. Use PSShutdown (from SysInternals; Google it) to do a remote shutdown and be able to specify different credentials.
    – I say Reinstate Monica
    Commented May 6, 2017 at 13:34

2 Answers 2

Reset to default
1

The shutdown command DOES work, but you need to enable it on the target Computer. Therefore search the Internet for "remote shutdown token filter policy".

Secondly you need to authenticate on the remote Computer in order to be allowed to execute the showdown. The shutdown command does not provide a functionality to transmit logon credentials, so you need to send them on a different way before doing the shutdown. I suggest you map a network drive for that purpose. Works well for me. You don't need to create a network share on the target just for that, use IPC$ instead.

Notice: you need to logon on the target with credentials of the target Computer! The local rights of these credentials are not relevant; the target user may not even exist locally. AND the target user must have sufficient privileges to shut down the target.

Improve this answer
8
  • Thanks, this looks promising. So I went to a target machine and in its registry I created the DWORD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LocalAccountTokenFilterPolicy with a value of 1. That's what was required as per your first paragraph, right? Not sure about the following paragraph, though. Simply using net use \\MachineName\IPC$ does not suffice, obviously. As you indicate in the last paragraph, the target computer's credentials need to be supplied, but how, and what do you mean by "the target user may not even exist locally".
    – Herb
    Commented May 7, 2017 at 5:43
  • Okay, I got it. The user: argument required the addition of the workgroup in order to function. Now the desired machines shut down as desired. Thank you!
    – Herb
    Commented May 7, 2017 at 6:12
  • 1
    The target user does not have to exist locally. Thats what I meant. You want to connect to the target computer, so you must use the user accounts of that computer. Any users on your local PC are not needed for the remote shutdown. You even don't need local admin rights. You only need sufficient rights on the target.
    – Tobias Knauss
    Commented May 7, 2017 at 6:44
  • Additionally I should remark, that on the target machine also the Remote Registry Service needs to be enabled (Ctrl+R, services.msc, right-click Remote Registry, Properties, change Manual to Automatic), and you also need to allow WMI to get past the firewall (Windows Firewall, Allow a program, Change settings, Windows Management Instrumentation (WMI), check Home/Work). When done, restart the target.
    – Herb
    Commented May 9, 2017 at 12:41
  • @Herb: that was not necessary on my computers.
    – Tobias Knauss
    Commented May 9, 2017 at 12:55
0

There are three ways to run windows commands remotely.

  1. Use Sysinternals' PSExec

  2. Use WMI to run remote commands

  3. Use ControlUp to run remote commands

You can find detailed information here.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .