www.gsx.com | log in | register

Last update: . Author: Alan Carson .

How To Execute a Remote Command Using WinRS and Alert Profiles

Here we will look at configuring GSX Monitor to run a pop up alert on a remote machine using an Alert Profile with a Program Alert. GSX Monitor will invoke Windows Remote Management to execute a command on the target machine's Operating System. We will also look at the necessary permissions, and how to configure it so that the winrs command is issued without needing a password typed in the alert profile.

GSX Monitor | WinRM 2.0

Instructions

We are going to use Windows Remote Management (WinRM) to execute a command on the target operating system.
You will need to create a new service account and add it as Administrator of the target machine. The Local System account is not able to run this command.

 

Before you add the command line to the alert profile, it is best to execute this in a PowerShell session to observe any errors.

  1. Log on to the GSX workstation as the user you created above. This user must be an Administrator of the target machine.
  2. Launch a PowerShell x86 session as an Administrator.
  3. Test the connectivity and validate WinRM is running:
    • Test-WSMan FQDN. We are using the FQDN and not the IP address to check that it can register with a Domain.
  4. Test-WSMan should return a version of WinRM that is running and confirm connectivity:
  5. Now you can try to connect to this machine using the following command:
    winrs -r:FQDN msg.exe * Message Details.

Once you can successfully send a test remote message box as shown above, you are ready to try the command in GSX Monitor.

    1. Stop GSX Monitor.
    2. Log in to the Monitoring Station as the user created at the beginning of this article for the tests we ran previously.
    3. Run GSX Monitor as an application. It will now be running with the permissions of the logged in user.
    4. Navigate to the Alert Profiles in GSX Monitor.
    5. Select New Program Alert.
    6. Give the Alert a name and enter the following command line: winrs -r:FQDN msg.exe * $AlertMsg
    7. Test the Alert:
    8. Apply the Program Alert to the desired profile.

If GSX Monitor is running as a service, we will need to change the account used to run this.

To change the account used to run GSX Monitor as a service, do the following:

  1. Go to Services.msc.
  2. Right-click the GSX Monitor service.
  3. Select the Log On Tab.
  4. Select This account and enter the user name and password of an account with permission to run GSX Monitor.
  5. Start the GSX Monitor Service.
  6. GSX Monitor will now be running with permissions that can execute WinRM command lines on the target station.

Was this article helpful?

2 out of 2 found this helpful




Not finding what you are looking for?

Have more questions? Submit a request