ScreenConnect tips



  • I posted this in another thread and someone suggested I make a separate topic. So here it is!

    Below applies to ScreenConenct "Cloud" hosted version (should be the same for self hosted version).

    If you are using ScreenConenct and needs to run command-line using either windows CMD or PowerShell commands that are multi-lines or take more than a second or two to finish. Then try the below:

    For Poweshell commands:

    Paste below into ScreenConnect cmd windows / tab

    #!ps
    #maxlength=50000
    #timeout=300000
    ping 127.0.0.1
    dir 😄
    etc

    Line #1 is to use Powershell (to use plain Windows cmd see below)
    Line #2 & #3 are to allow long running commands.

    #!cmd
    #maxlength=50000
    #timeout=300000
    dir 😄
    etc

    You can use this to launch batch files from network share etc.

    Below example download and install an app (after activating / installing .Net framework 3) after downloading it from a url.

    #!ps
    #maxlength=50000
    #timeout=300000
    DISM /Online /Enable-Feature /FeatureName:NetFx3
    Start-Sleep -s 120
    $url = "http://<url to executable goes here>"
    $filename = "<name to give to downloaded executable/file>.exe"
    $client = New-Object System.Net.WebClient
    $client.DownloadFile($url, "$env:temp$filename")
    Start-Process -FilePath "$env:temp$filename" <some argument to the executablegoes here>"

    Using the above you can do quite a lot! Something along a poor man's RMM.

    Some usage scenarios:

    • Mass roll out software (tick relevant hosts then past cmd into cmd prompt windows)
    • Trigger specific taks
    • Antying that can be made to run silently via cmd line

    Keep in mind that the cmd line context (that all the cmd will run under) is by default the <WINDIR>\systems32. So you will need to issue CD to change into the directory you want before running the cmd.

    Everything runs under the [ScreenConnect] service account with Full rights to the OS.

    I will post about implementing ACL (user access control) via Custom fields so it is possible to restrict users / tech to specific hosts in a manageable manner. I will post more when I get a bit more time.



  • Add some tags when you get a chance to make it easier to find in the future.



  • Everything runs as the service the software is running under. By defualt this should be local system and you have fiull admin rights to do whatever you need here.



  • @jaredbusch said in ScreenConnect tips:

    Everything runs as the service the software is running under. By defualt this should be local system and you have fiull admin rights to do whatever you need here.

    Yes, forgot to mention that.



  • @dashrender said in ScreenConnect tips:

    Add some tags when you get a chance to make it easier to find in the future.

    How do I do this on here? I can't seem to find where to add tags.

    Thanks.



  • @360col said in ScreenConnect tips:

    @dashrender said in ScreenConnect tips:

    Add some tags when you get a chance to make it easier to find in the future.

    How do I do this on here? I can't seem to find where to add tags.

    Thanks.

    Edit the original post. Tags go in the bottom field.



  • @360col needs tons of credit from me. I had not bothered to learn about the detail of the send command function beyond doing simply things like a ping or a one off command that I knew ran quickly.

    Now I use this all the damned time..

    Here is what I did today on 7 computers at once..
    Downloaded Webroot

    #!ps
    #maxlength=50000
    #timeout=300000
    (New-Object Net.WebClient).DownloadFile('http://downbox.webrootanywhere.com/wsasmeexe/SAC5ENTXXXXXXXXXXXXexe', 'c:\SAC5ENTXXXXXXXXXXXX.exe')
    

    And then installed it.

    #!cmd
    #timeout=300000
    c:\SAC5ENTXXXXXXXXXXXX.exe
    


  • Glad you found it useful 😄

    I haven't found the time to write out details steps to make ACL (control host acess) using filters.

    Below is an example I used to install various things with download and install all in one step.

    #!ps 
    #maxlength=50000 
    #timeout=300000 
    If (Test-Path "C:\windows\temp\myapp.exe"){Remove-Item "C:\windows\temp\myapp.exe"}
    (new-object System.Net.WebClient).DownloadFile('http://www.domain.com/myapp.exe','C:\windows\temp\myapp.exe') 
    C:\windows\temp\myapp.exe /quiet /norestart


  • If you are a user of Chocolatey tools, you can install or update using the SC/CMD as well. I find that useful,...



  • I would like to add few tips that I found useful (few of them I learned during support session with screenconnect team).

    I have these session groups created:

    Computers categorized based on their hostname start. We have different standards for server and endpoints.

    GuestMachineName LIKE 'SRV*' 
    

    Filters all servers starting with SRV as a single group

    HostConnectedCount > 0
    

    This helps me to manage who is connected, used in situations when I hit a license limit or want to know who specifically connected to which session

    GuestClientVersion < '6.5' AND GuestConnectedCount > 0
    

    This shows the machines that are online and have an outdated client version. I just need to issue a reinstall command for those outdated agents.


Log in to reply