psexec cover

Using PsExec to Run Commands Remotely

The PsExec is an easy Windows utility to replace the telnet tool. It allows you to run programs and processes on remote systems, using all the features of the interactive interface of console applications, without having to manually install the client software. The main advantage of PsExec is the ability to invoke the interactive command-line interface on remote systems and remotely run programs (in the background and the interactive mode) and execute any commands.

The PsExec utility is one of the most popular programs of the PsTools package from Sysinternals. You can download it on this page:


In order to use the utility, simply copy it to the folder on your computer (it is convenient to copy it to the default executable folder C:\Windows\system32) and run it from the command prompt or PowerShell console.

How Does PsExec Work?

In the resources of the executable file PsExec.exe is another executable file – PSEXESVC, which is a Windows service file. When installing a connection to a remote computer, the PsExec utility copies this file to the hidden administrative folder of the remote computer Admin$ (C:\Windows\system32\psexesvc.exe).

Then PsExec installs and starts the PSEXESVC service using the Windows functions API for managing services. After running PSEXESVC between this service and the PsExec program on your computer, a connection is established for data transfer (command input and output of results). When the work is completed, PsExec stops the service and automatically removes it from the remote computer.

The syntax for PsExec is as follow:

psexec \RemotePCName [-u username[-p password]] command [arguments]

You can not set the user name and password, then the remote process starts on the remote computer from the same account as the PsExec program. If you need to execute commands on a remote system under a different user, keep in mind that the password is sent over the network to the remote system in clear text.

When you start PsExec for the first time, you need to accept Sysinternals License Agreement.

psexec exe

As an example, we will purge the DNS cache on the remote computer lon-srv01:

psexec \lon-srv01 ipconfig /flushdns

psexec exe tool

The command will be run on the lon-srv01 computer under your credentials. After ipconfig finishes, all text output will be transferred to your computer, and the error code will also be returned. If the command was successful, you will see 0.

If you need to run several commands, it’s best to set up an interactive session with the remote computer. To do this, enter the command:

psexec \lon-srv01 cmd

Now commands that were typed on the local computer will run on the remote lon-srv01 computer.

psexec exe utility

To end a remote session with the Psexec type exit.

Run the Command Simultaneously on Multiple Computers With PsExec

PsExec allows you to run the command simultaneously on multiple computers. To do this, you can enter the computer names separated by commas: psexec \\PC1,PC2 or save them in a text file and then specify its address: psexec @c:\ps\computer_list.txt. If instead of the computer name you put an asterisk (psexec \\*), then the command will be executed on all computers of the domain.

PsExec has one interesting feature. If you do not specify a computer name, then the command is executed by default on the local system. You can run programs under the system account by using the -s switch. For example, run the CLI session: psexec -s cmd and then check which user you are currently logged on with whoami. As you can see, the console is started from NTauthority\system account.

psexec exe windows

Using the -c switch, you can specify the name of the file that you want to copy to the remote system and execute there. For example:

psexec \lon-srv01 -c c:\ps\myapp.exe

By default, PsExec executes commands in hidden mode (you won’t notice any windows or dialogs on the remote system where the command is executed). However, you can change this with the -i option. After that, you can specify the session number in which you want to display the console PsExec windows, or you can not specify, then the interface will be displayed in the console session.

Full information about all the parameters of the PsExec can be obtained by simply entering the command psexec in the command line without parameters.

psexec exe program

You may also like:

Deploy LGPO with MDT 2013 Local Group Policy (LGPO) of computer is configured through gpedit.msc snap-in, which does not provide the possibility to export/import settings. That...
How to Migrate User Profiles with User State Migra... One of the most popular tools to migrate user profiles from one Windows computer to another is the set of CLI utilities – User State Migration Tool (U...
How to Mount Windows Folder into VMware ESXi In this article we will take a look on how to connect a network folder from Windows 2012 R2 Server as a datastore on the VMware ESXi host and use it t...
Store BitLocker Recovery Keys using Active Directo... In a domain network, you can store the BitLocker recovery keys for encrypted drives in the Active Directory Domain Services (AD DS). This is one of th...
How to Setup FTP Server in Windows 10? FTP (File Transfer Protocol) is a popular Internet data transfer protocol. You can use FTP to transfer files between a remote server and a local PC. F...
  1. Posted by manofcode
  2. Posted by Vinod
    • Posted by Me
  3. Posted by Igor
  4. Posted by krishna

Add Your Comment