Testing command line actions as the SYSTEM account

BenKus · July 4, 2007, 4:27am

In the process of trying to install software packages, update configuration options, run applications, etc., you will sometimes run into situations where the behavior of the application differs when run as a user and when run as the SYSTEM account (and the BES Agent runs as the SYSTEM account on Windows).

These situations are sometimes difficult to identify and debug. Here is a trick to open a cmd Window in the context of the SYSTEM account for testing:

Option 1 – Use BES Custom Action to open cmd.exe shell.

Take a custom action in BES.
Target your computer.
The action should be:

run cmd.exe

After you send this action, a moment later a cmd.exe shell should open on your computer. This cmd shell will run in the context of the SYSTEM account and whatever you run from this shell will operate in the same context as the BES Agent.

Option 2 – Use the “at” command.

Open cmd.exe
Type “at <current time + 1 minute> /interactive cmd.exe”.
For instance, if it is 5:28pm, you would run:

at 17:29 /interactive cmd.exe

After you send this, wait one minute and a cmd window will appear running as the SYSTEM account. Note that this ‘at’ trick doesn’t work on Windows Vista.

Using either of these methods, you can test if your commands run differently in the SYSTEM or user context.

Ben

system · July 5, 2007, 8:31pm

(imported comment written by HGA8191)

Thanks for the tip,

I also have used psexec.exe (part of Sysinternals PSTools) to achieve running commands with the system account:

psexec.exe -i -s cmd.exe

but I think i’ll switch to your method (Option 2)

Thanks!

system · March 9, 2009, 11:50pm

(imported comment written by SystemAdmin)

When running even the latest version of QNA or RelevanceDebugger as local system, I have had problems trying to test “current user keys”.

For instance…

exists key “Software” of current user keys (logged on users) of registry

Under Vista, it works fine (True)

Under XP, I always get

“Error: The expression could not be evaluated: Windows Error: The operation being requested was not performed because the user has not logged on to the network. The specified service does not exist.”

BenKus · March 10, 2009, 11:29am

(imported comment written by BenKus)

Hmm… I don’t get that error on my XP… maybe try Lee Wei’s API Tester?

http://forum.bigfix.com/viewtopic.php?id=2756

Ben

system · March 16, 2009, 10:52pm

(imported comment written by SystemAdmin)

Ok, I tried that one too (under my user context). That one simply returns “Error:”

Though it must be something odd about my XP PC. I just tried a XP image under Virtual PC (running RD as SYSTEM), and it worked fine.

-Paul

BenKus · February 7, 2011, 1:21am

(imported comment written by BenKus)

We have had a KB article about this for a while:

http://support.bigfix.com/cgi-bin/kbdirect.pl?id=1681

Ben

cmbc · November 9, 2020, 2:43pm

Hello, i have found is simple way to do it with psexec, simply launch this comand:

psexec -i -s “C:\Program Files (x86)\BigFix Enterprise\BES Console\QnA\FixletDebugger.exe”
If not present on the client, you can just copy/paste the QnA folder from a system console admin installation…

Inside the debugger, you can test your action as bigfix account system…

Regards