Skip to main content

Remote Control/Shutdown/Restart Windows Computer

I wrote the following batch files in order to remotely control and/or remotely shutdown/restart a Windows computer from another computer on the same Local Area Network (LAN).  These scripts are useful for computers on the same LAN that are not joined to a Windows Domain.  You would not require these scripts for computers within a Windows Domain since Group Policy would allow you to control all levels of remote access.  These scripts were designed for use with Windows 7 but may in fact work with Windows Vista and Windows 8.  I have yet to test these batch files using those operating systems.

In order to maintain a high level of security, Microsoft requires that a number of policies, services and ports are configured in order for computers to be remotely controlled and/or shutdown/restarted.  The first script turns on the ability to remotely access the computer.  The second script turns off this ability.  Once the script is Run As Administrator from the computer, a reboot is not required in order for the computer to be remotely accessible from another computer on the same Local Area Network (LAN). 

These scripts are useful for use with:

  • shutdown /i

  • psexec \\X.X.X.X -u [username] -p [password] cmd

  • Microsoft Remote Desktop (RDP)

Usage:

  1. In the scripts, define the Local Administrator Password that you wish to use at the line:  net user administrator [password]

  2. Right-mouse click the script and Run As Administrator from the computer (Computer A) that you wish to allow remote control and/or shutdown/restart.

  3. From another computer (Computer B) on the same Local Area Network (LAN), browse to the UNC Path of the Remote Computer.  Example: \\[Computer Name]

  4. Login to the Remote Computer using the Local Administrator account.  Username: administrator.  Password: [You defined in the script].

  5. Browse to: \\[Computer Name]\admin$ to confirm you have access to the Remote Computer Admin Share.

  6. You can now remotely control/shutdown/restart the remote computer using: shutdown /i, psexec, Remote Desktop, etc.

remote-reboot-on-run-as-admin.cmd:

sc config remoteregistry start= auto
net start remoteregistry
sc config lanmanserver start= auto
net start lanmanserver
sc config termservice start= auto
net start termservice
sc config browser start= auto
net start browser
netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes
netsh advfirewall firewall set rule group="Remote Desktop" new enable=yes
netsh advfirewall firewall set rule name="File and Printer Sharing (Echo Request - ICMPv4-In)" new enable=yes
netsh advfirewall firewall set rule group="Windows Remote Management" new enable=yes
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0  /f
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v "LimitBlankPasswordUse" /t REG_DWORD /d 0x00000000 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "LocalAccountTokenFilterPolicy" /t REG_DWORD /d 1 /f
net user administrator /active:yes
net user administrator [password]
net localgroup "Remote Desktop Users" administrator /add
pause

remote-reboot-off-run-as-admin.cmd:

sc config remoteregistry start= disabled
net stop remoteregistry
sc config lanmanserver start= auto
net start lanmanserver
sc config termservice start= auto
net start termservice
sc config browser start= auto
net start browser
netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=no
netsh advfirewall firewall set rule group="Remote Desktop" new enable=no
netsh advfirewall firewall set rule name="File and Printer Sharing (Echo Request - ICMPv4-In)" new enable=no
netsh advfirewall firewall set rule group="Windows Remote Management" new enable=no
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1  /f
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v "LimitBlankPasswordUse" /t REG_DWORD /d 0x00000001 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "LocalAccountTokenFilterPolicy" /t REG_DWORD /d 0 /f
net user administrator /active:no
net user administrator [password]
net localgroup "Remote Desktop Users" administrator /add
pause
Labels:

Comments

Post a Comment

Popular posts from this blog

Access Denied (policy_denied). Your system policy has denied access to the requested URL. For assistance, contact your network support team.

While browsing the internet, you may encounter the message: "Access Denied (policy_denied).  Your system policy has denied access to the requested URL.  For assistance, contact your network support team."   This message indicates the internet traffic is being filtered.  The most common source of an internet traffic filter is in corporate environments that use a proxy server or a firewall appliance designed to filter web traffic.  Some businesses are configured as satellite locations using a VPN tunnel.  In these configurations, the VPN may be configured to filter internet traffic.  In rare instances, the Internet Service Provider is filtering internet traffic.  Typically though, your IT Department or a Network Management Team has configured your internet traffic to be filtered.  Isolating Source of Web Filtering In an environment that is unmanaged and the source of the filtering is unknown, following are some steps you may wish to peform: Th...
3 comments
Read more

Event ID: 7001 - Source: VSS - Unable to create a shadow copy

When using Microsoft Windows Server, you may encounter the error message: "Unable to create a shadow copy."  In the Event Viewer, you may find the following Event: "Event ID: 7001 - Source: VSS - Unable to create a shadow copy."  This event involves the Volume Shadow Copy Service (VSS).  Most likely the Server was rebooted while creating a Shadow Copy.  Many websites describe deleting or renaming the C:\WINDOWS\SYSTEM32\WBEM directory used by Windows Management Instrumentation to resolve this issue.  This is not correct.  Following are the steps to resolve this issue: Double-click My Computer. Right-mouse click the Hard Drive causing the problem. Click the Shadow Copies tab. Select the appropriate Volume. Click Disable. Click OK. Click Start - Control Panel - Administrative Tools - Scheduled Tasks. Delete all tasks related to the Volume Shadow Copy Service. Reboot the Server. Double-click My Computer. Right-mouse click the Hard Drive causing the problem. Cl...
Post a Comment
Read more

How do you stop an unstoppable Windows Service?

You may encounter a Windows Service in Services that has the buttons for Start, Stop, Pause and Resume greyed out.  If you attempt to stop the Service using sc stop [servicename], you encounter the error message: "The requested control is not valid for this service."  To resolve this issue, please perform the following steps: Click Start - Control Panel - Administrative Tools - Services. Double-click the relevant Service. Change the Service Start-Up Type to Disabled. Click Apply. Click OK. Hit CTRL-ALT-DEL on your keyboard. Select Task Manger. Perform an End Task on the relevant Service. This issue has been resolved. http://www.smartnetadmin.com
Post a Comment
Read more