doing updates on a network that doesn’t have a domain, yet. Want to physically touch each PC as little as possible due to requirements for masks, hairnets, jumpsuits, steel toes, hard hats etc. The plan is to use PsExec to get a cmd shell on each PC and setup SSH from there.
Install the Microsoft SysInternals package on a PC on the same subnet
Install the WakeMeOnLan software on your workstation PC, run it a few times during the day to collect MAC address information. We will use this after hours to wake up PCs that have gone to sleep.
Use psexec64 to connect to each PC
.\PsExec64.exe -i \$RemoteServer -h -u UserOnTargetPc -p SuperSecurePasswrd cmd
Install the OpenSSH service
dism /Online /Add-Capability /CapabilityName:OpenSSH.Server~~~~0.0.1.0
this is not fast, assume 3min or more if bandwidth is low. and occasionally it asks if you want to restart the PC.
Set the shell that OpenSSH uses to Powershell as we can already use PsExec to get a cmd.exe shell.
reg add HKLM\SOFTWARE\OpenSSH /v DefaultShell /t REG_SZ /d “C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe”
now we need to start the service, 2nd command sets it to auto-start
net start “OpenSSH SSH Server”
Set-Service -Name sshd -StartupType automatic (powershell)
sc config sshd start=auto (cmd)
We can now use Putty or whatever to SSH. Notice the prompt includes PS for PowerShell
Looking at the SSHD service we can see that it takes about 3MB of RAM, when someone is actively using the service.
Lets compare that to TeamViewer with nobody using the service, which takes 15MB
the footprint of the running service is important to my situation as some of the tablets in use have only 4GB of RAM
more info here https://theitbros.com/ssh-into-windows/
Change the PCs Windows Product Key; as home versions can’t join a domain (tried this multiple times, never seems to work)
slmgr.vbs /ipk xxxx-xxxx-xxxx-xxxx-xxxx
Join to a domain using the following **problem, this asks for credentials**
add-computer –domainname “YourDomainName” -restart