PsExec (Thanks Google!)
Last week while working on a Domain Controller for a rarely used domain, I ran into a challenging issue. I couldn’t login to the DC! (Thanks MS for not allowing local logins on Domain Controllers)! RDP responded fine, I could manage it remotely (and this view logs), but could not actually login via RDP or the console. After working with another admin, we discussed the possibility of bad DNS entries, but had no way to check.
In comes google! A quick search refers to me PsExec. I was able to remotely execute a command from another machine on the same domain (this way I don’t have to specify credentials, PsExec will just run as the account I’m logged in as), to the DC.
psexec \\SERVER ipconfig /all
Running this command revealed two things:
1. Primary DNS was set to itself, and the DNS server service was not running
2. Secondary DNS was pointed to a DNS server that had recently been demoted
Now I needed to change DNS to a valid server. I was able to do this again by using PsExec!
psexec \\SERVER netsh interface ip add dns "local area connection" addr=192.168.1.1 index=1
The above command will use PsExec to change the IP interface named “local area connection” on SERVER to 192.168.1.1 index=1 changes primary DNS, index=2 will change secondary.
After making this change, The DC was able to access DNS, authenticate a user, and I was able to login and work on the server.
PsExec, (along with PsTools, and the entire Sysinternals Suite, see link in the ToolBox) truly is one of those tools every admin should be aware of. It allows you to remotely configure firewalls, change from DHCP to static IPs, flush DNS cache, and the list goes on and on. In my case, it turned what could have been a serious problem into a relatively easy fix.
Tags: command, DNS, dns server service, Domain, flush dns cache, ip interface, login, primary dns, PsExec, pstools, server
