How do I shut down a Windows XP box remotely from a Linux box?
I have Windows XP running in virtual machines connected to my local network for testing purposes. The tests are done remotely. When finished, I want to shut them down remotely, from a Linux box.
ETA: Note that the Windows box runs XP Home, so there are no security / group policies.
For the Linux systems in the same setup, I do:
#> ssh root@linux-vm123 'shutdown -h now';
For the Windows systems, I should be able to do:
#> net rpc SHUTDOWN -I xx.xx.xx.xx -f -U user%pwd
But that gives me the following error:
Could not connect to server xx.xx.xx.xx
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE
The user is an administrator and the account has a password set. Do I need to set up anything on the Windows system?
ETA: Is there a way I can test just the login, i. e. without sending a shutdown command that might need other privileges or settings?
Solution 1:
Windows XP Home does not allow network logon other than via the Guest account. So you have to enable it first of all.
This gave me a new error telling me that the "logon type" wasn't permitted. Logon type was "code 3", which I found out to mean "network logon". Activating file sharing fixed this, but I have no idea why.
Of course, Guest is not allowed to shutdown the computer, so the account has to be added to the Administrators group (which is of course a massive violation of any security guidelines, but remember this is completely local, all under my desk and staying there) by issuing the following command in the shell:
net localgroup Administrators Guest /ADD
And then, you'll find out that the RPC shutdown command seems to require the winreg named pipe on the target which seems to be provided by the Remote Registry service, which is not available in XP Home. So, for now, no remote shutdown for me.
It should be noted that XP Home just isn't meant to work in a managed, professional network, but I'm choosing the systems to test on for what I'm expecting on the target machines, not what I want to use. However, a note in the net/rpcclient manpages would have been very kind...
Solution 2:
Almost there. Please escape your backslashes on a bash command line.
#> net rpc SHUTDOWN -I xx.xx.xx.xx -f -U DOMAIN\\user%pwd
#> net rpc SHUTDOWN -I xx.xx.xx.xx -f -U MACHINENAME\\user%pwd
This should work
Solution 3:
Are you specifying the Domain or Machine name:
i.e. if the machine is on a domain
#> net rpc SHUTDOWN -I xx.xx.xx.xx -f -U DOMAIN\user%pwd
or
#> net rpc SHUTDOWN -I xx.xx.xx.xx -f -U [email protected]%pwd
or if the machine is in a workgroup
#> net rpc SHUTDOWN -I xx.xx.xx.xx -f -U MACHINENAME\user%pwd
Solution 4:
In my experience there are two things that could be going wrong. The first and most common is whether or remote shutdown is allowed. In the Local Security Policy (Start -> Control Panel -> Administrative Tools -> Local Security Policy). Expand Local Policies and open up Security Options. "Network Access: Sharing and security model for local accounts" needs to be set to Classic.
As another answer has said the machine name is required, even if you have already specified an IP address. Try using something like this:
rpcclient --user='Administrator' -I x.x.x.x --command='shutdown' ComputerName