December 20, 2000 10:20 PM

Remotely Control Any NT Machine

Rating: (0)
Readers
Windows IT Pro
InstantDoc ID #16162

Imagine the following situation: You have a Windows NT server that is physically inaccessible but reachable by TCP (e.g., it's in a remote office). You have the Administrator account for the machine, but you can't accomplish the task you need to perform using the standard NT management tools. In addition, the remote system doesn't have a remote control program installed. In this situation, you can install AT&T Laboratories Cambridge's Virtual Network Computing (VNC), a freeware remote control tool, without physically accessing the machine.

You'll need to complete a few steps to set up and use the tool. First, determine the Administrator password of the remote machine. Next, download the VNC distribution from http://www.uk .research.att.com/vnc and make sure you have the Microsoft Windows NT Server 4.0 Resource Kit Regini tool and the Shutdown and Netsvc tools.

After you download the VNC distribution, extract the VNC files from the distribution package. The simplest way to accomplish this task is to install VNC on a test machine. The installation automatically creates the C:\program filesorl\vnc directory, which includes all but one of the files that you need to run VNC. The missing file is omnithread_ rt.dll, and you can find it in the \winntsystem32 directory. Copy the missing file to the C:\program files\orl\vnc directory.

Next, use the following commands to copy the VNC directory to the target machine:

NET USE \\<remote machine IP>
\IPC$ /user:administrator password

MKDIR "\\<remote machine IP>
\C$\program files\orl\vnc"

COPY "c:\program files\orl\vnc" "\\<remote machine IP>
\C$\program files\orl\vnc"

For VNC to successfully run, you'll also need to create registry entries on the target machine. To load the remote target machine's registry, use the following command:

REGINI -m \\<remote machine IP> vnc.regini

Listing 1, page 28, shows vnc.regini. The Regini command registers VNC as an automatic startup service on the remote machine. In addition, it sets the default VNC password as the remote machine's password.

The final step is to start the VNC on the remote server. You can use two methods to start VNC on the remote machine: You can use the At command to schedule VNC to start, or you can use Shutdown.exe to force a shutdown. The At method is less disruptive but requires the Scheduler service to be running on the remote system. The Scheduler service isn't started by default, so you might need to use the following command to start it manually:

NETSVC \\<remote machine IP> schedule /start

To use the At method to schedule VNC to start, execute the following command to read the time on the remote server:

NET TIME \\<remote machine IP>

Then, schedule an At command to run a couple of minutes after the time that the previous command returned, as the following example shows:

AT \\<remote machine IP> 00:00 "c:\program files\orl\vnc
\winvnc.exe"

Wait a few minutes and launch vncviewer.exe to connect to the remote machine.

As a last option, you can use the Shutdown command to remotely reboot the server:

SHUTDOWN \\<remote machine IP>
 /R /Y /C /T:0

This command brings up VNC listening as a service.

—Alessandro Iacopetti
A.Iacopetti@cedacriovest.it

ARTICLE TOOLS

Want to use this article? Click here for options!

Add a Comment

If you don't feel like messing with scripting to do this, just download http://www.vncscan.com and deploy away! It has support for things that would take FOREVER to script by hand all of the time.

Dawgma11/11/2005 2:13:32 PM

I found another site describing how to change the default password. This is different than just going to the vnc server properties and setting the password there. That is setting the "user" password. To set the "default" password, open a command prompt locally and go to the vnc server directory (the one with the server executable not the viewer executable). Then type "winvnc -defaultsettings" (or different executable if using different version of vnc). This window will look just like the server properties sheet, but will indicate that it is the default settings on the menu. This will update the registry accordingly. Now import those registry settings on the remote machine.

Anonymous User 12/14/2004 11:32:41 AM

I never tried to install vnc remotely but MAY BE it is possible to use psexec instead of AT command or shutdown. psexec is a program which allow code execution on a remote machine.

Eric3/9/2004 1:07:35 PM

After you have scheduled the winvnc.exe to run at particular time, it will not be having any password and if you try to connect it says 'This server does not have a valid password enabled. Until a password is set, incoming connections can not be accepted.

Deepak Kalra 4/12/2002 3:02:27 AM

The previous post has one missing steps, this is the correct one

NET USE \\\\<>\\IPC$ /user:<>

REM Copy Everything there...
XCOPY C:\\"Program Files"\\ORL\\*.* \\\\<>\\C$\\"Program Files"\\ORL\\ /S

REM Backup the current machine vnc service registry
REG BACKUP HKLM\\System\\CurrentControlSet\\Services\\winvnc winvnc

REM Copy the backup registry file to remote machine
COPY winvnc \\\\<>\\C$\\WINNT\\SYSTEM32
REM Create winvnc service subkey in order to restore it
REG ADD HKLM\\System\\CurrentControlSet\\Services\\winvnc \\\\<>

REM Retore it
REG RESTORE winvnc HKLM\\System\\CurrentControlSet\\Services\\winvnc \\\\<>

REM Backup the current machine ORL software registry
REM This is where VNC place the password
REG BACKUP HKLM\\SOFTWARE\\ORL ORL

REM Copy the backup registry to remote machine
COPY ORL \\\\<>\\C$\\WINNT\\SYSTEM32
REM Create the ORL subkey (in order to restore it)
REG ADD HKLM\\SOFTWARE\\ORL \\\\<>

REM Restore it
REG RESTORE ORL HKLM\\SOFTWARE\\ORL \\\\<>

SHUTDOWN \\\\<> -R -T:3

James Pua 9/26/2001 10:56:15 AM

Hi, all, you may try follow this
First of all, try install one copy vnc on your local machine and set the password properly. You will need
1. REG.EXE
2. SHUTDOWN.EXE
From NTRK4.0

Then follow this

NET USE \\\\<>\\IPC$ /user:<>

REM Copy everything there...
XCOPY C:\\"Program Files"\\ORL\\*.* \\\\<>\\C$\\"Program Files"\\ORL\\ /S

REM Backup the current machine vnc service registry
REG BACKUP HKLM\\System\\CurrentControlSet\\Services\\winvnc winvnc

REM Create winvnc service subkey in order to restore it
REG ADD HKLM\\System\\CurrentControlSet\\Services\\winvnc \\\\<>

REM Retore it
REG RESTORE winvnc HKLM\\System\\CurrentControlSet\\Services\\winvnc \\\\<>

REM Backup the current machine ORL software registry
REG BACKUP HKLM\\SOFTWARE\\ORL ORL

REM Create the ORL subkey (in order to restore it)
REG ADD HKLM\\SOFTWARE\\ORL \\\\\\\\<>

REM Restore it
REG RESTORE ORL HKLM\\SOFTWARE\\ORL \\\\<>

SHUTDOWN \\\\<> -R -T:3

James Pua 9/25/2001 5:12:35 PM

I also have been unable to get this idea to work because it doesn't seem possible to set the first session password. The VNC web site mentions a registry entry "AuthRequired = REG_DWORD 0x00000000" which is supposed to allow a null password but I have yet to figure out how it works. Has anyone been able to make this work without modifing the target machine?

lateef9/18/2001 4:22:15 PM

I have found this information to be very useful. Thanks for sharing it with the rest of us!

Kevin Hartle 6/14/2001 7:58:52 AM

I agree to set the first session password is not possible unless I am missing something. I set a password on my test machine and input this registry entry into the remote machines the binary values matched however I still got a VNC session failure. The net use command posting doesn't make sense to me. How is a net use command going to set a session password in VNC? Any ideas?

Jay R. Pascarella 5/3/2001 10:48:27 AM

OK. it's quite easy to set up a password for the first session. You should type command, which looks like that
net use \\\\computername\\share "password" (type your password of course) /:username

Marcin4/3/2001 11:23:41 AM

You must log on before posting a comment.

Are you a new visitor? Register Here

windows server 2008 login scripts

I have 2 win2k8 servers one pdc and bdc. The domain is exampledom.com They are connected to 2 iscsi luns which replicate each other. We are running ac...222-96118

advertisement

GOOGLE LINKS
SPONSORED LINKS
FEATURED LINKS

White Papers

Your remote offices contain valuable electronic data – are they adequately protected? Learn how proven technologies can reliably and cost-effectively back up a branch office from a central location, in real time, to disk or tape, and even utilize existing backup solutions.

Downloads

PacketTrap IT is a comprehensive and affordable network management and application monitoring solution that solves problems associated with bandwidth, network and application performance, and connectivity. Gain insight into your network - try PacketTrapIT free for 21 days!

Web Seminars

IT administrators have to solve a myriad of problems. This web seminar outlines the ten most common systems management pains - including managing highly distributed systems and dealing with data theft/loss – and the best practices to address each.

eLearning Series

We bring the experts direct to you to share their real-world perspective and expertise. During each event, three sessions stream in real time, so you can learn, ask questions, and get solutions.
Upcoming event: Getting the Most with Exchange 2010 with Paul Robichaux

Subscribe to Windows IT Pro!

DevProConnections ITTV Left-Brain SharePointPro Connections SQL Server Magazine SuperSite for Windows Windows IT Pro

© Penton Media, Inc.

Home About Us Advertise Customer Service Privacy Statement Subscribe/Renew Terms Of Use

Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.