PS Tools is a resource kit that is part of the Windows Sysinternals suite of tools provided by Microsoft. It is free to download and easy to get started with. Mainly geared toward system administrators in the business sector, PS Tools provides a collection of commands that help a sys admin with day-to-day tasks. Some of the top tools that I’ve used are PsLoggedOn, PsShutdown, PsExec, and PsKill. I’ll highlight their uses and basic syntax below (ensure that you are in the parent directory of PS Tools before running the commands in the command prompt).
PsLoggedOn – if you’re trying to figure out who is logged onto a remote computer, this is the best tool to use that I’ve found (there are others out there like NetUsers or even Windows Server’s ‘Remote Desktop Services Manager’ or ‘query’ command). Common syntax is:
PsShutdown – does exactly what you would think it does: yes, it shuts down a remote computer. Interestingly enough, it can also reboot, log off, and lock a remote computer as well. For our purposes, the basic syntax to shut down a remote system is:
PsExec – this is a great tool to execute or run processes on remote systems. This command is a little trickier, since you can pass specific options to run a process or executable, and these options might not exactly be optional (they are more like requirements, depending on the scenario). So if you have an executable file on the server where PS Tools runs and you want it to run on a remote server, the syntax involves copying the executable onto the remote system and running it (-c specifies the copy step, and test-application.exe is the name of the executable that you want to run remotely):
PsExec.exe \\SERVER-NAME -c C:\test-application.exe
PsKill – another great tool that I’ve used frequently to kill processes remotely. If you’ve used Windows for a while and start to remember process names that could typically be running, then you don’t need to use PsInfo to gather the process information or IDs. In the case that you have a great memory, just run PsKill using the following syntax (notepad.exe is an easily remembered process, along with word.exe, excel.exe, outlook.exe, iexplore.exe, firefox.exe, explorer.exe, etc.):
PsKill.exe \\SERVER-NAME notepad.exe
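PsShutdown acts on whoever is using the remote machine at the time, so it pairs naturally with a PsLoggedOn check first. The PowerShell script below is an added example, not code from the original post: it assumes it is run from the PS Tools directory, reuses the SERVER-NAME placeholder, assumes PsLoggedOn's output wording ("logged on locally" and indented DOMAIN\user lines), and uses a hypothetical helper named Get-LocalLogon.

```powershell
# Added example (not from the original post): shut a remote host down only
# when PsLoggedOn reports nobody logged on locally.
# Assumptions: run from the PS Tools directory; SERVER-NAME is a placeholder;
# PsLoggedOn's text output contains "logged on locally" and lists each local
# logon on an indented line ending in DOMAIN\user.
param(
    [string]$ComputerName = 'SERVER-NAME',
    [int]$DelaySeconds = 60
)

# Hypothetical helper: pull ACCOUNT\name tokens out of PsLoggedOn output.
function Get-LocalLogon {
    param([string[]]$Lines)
    foreach ($line in $Lines) {
        # Indented line, optional logon time, then a single DOMAIN\user token.
        if ($line -match '^\s+(?:.*\s)?(?<user>[^\s\\]+\\[^\s\\]+)\s*$') {
            $Matches['user']
        }
    }
}

# -l = local logons only, -x = omit logon times.
$output = @(& .\PsLoggedOn.exe -accepteula -l -x "\\$ComputerName" 2>$null)

# Fail closed: if the expected wording is missing, the query did not work
# (host unreachable, access denied), so do not treat that as "nobody home".
if (@($output -match 'logged on locally').Count -eq 0) {
    Write-Error "Could not determine logons on $ComputerName; not shutting down."
    exit 2
}

$users = @(Get-LocalLogon -Lines $output)
if ($users.Count -gt 0) {
    Write-Warning "$ComputerName is in use by: $($users -join ', ')"
    exit 1
}

# -s = shut down, -t = countdown in seconds before the shutdown starts.
& .\PsShutdown.exe -accepteula "\\$ComputerName" -s -t $DelaySeconds
```

The script exits with 1 when someone is logged on and 2 when the logon state could not be read, so a scheduled job can tell "busy" apart from "unknown".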