How to Capture Remote Process Output from Sysinternals PsExec to Local Machine



When working with PsExec from Sysinternals, many administrators encounter a common frustration: the standard output redirection operators (>, >>) only capture PsExec's own status messages, not the output of the remotely executed command.

Consider this typical attempt:

psexec \\myserver ipconfig > output.log

This creates output.log containing only:

PsExec v1.95 - Execute processes remotely
Copyright (C) 2001-2009 Mark Russinovich
Sysinternals - www.sysinternals.com

ipconfig exited on myserver with error code 0.

The remote process output isn't captured because:

  • PsExec spawns the remote process in a separate session
  • The I/O streams aren't properly chained back to the local console
  • Output redirection only applies to PsExec's own stdout/stderr

Method 1: Using cmd /c with Remote Temporary File

This approach writes the output to a file on the remote machine, then prints that file with type so the content comes back through PsExec:

psexec \\myserver cmd /c "ipconfig > C:\temp\remote_output.txt & type C:\temp\remote_output.txt" > local_output.log

Method 2: Direct Pipe to Local File

A cleaner one-liner alternative:

psexec \\myserver cmd /c "ipconfig" | find /v "PsExec" > local_output.log

Method 3: Using PowerShell Remoting (Alternative)

For modern systems, consider this PowerShell approach:

Invoke-Command -ComputerName myserver -ScriptBlock {ipconfig} | Out-File local_output.txt

  • Ensure proper permissions on both systems
  • Network shares must be accessible if using temporary files
  • The remote command's execution context affects output visibility
  • Some commands might require interactive session flags

If output is still missing:

  1. Try adding the -i flag for interactive processes
  2. Test with cmd /c explicitly
  3. Verify network connectivity and firewall settings
  4. Check both local and remote permissions

When working with PsExec from Sysinternals, many administrators encounter a common frustration: standard output redirection operators (>, >>) capture PsExec's own status messages rather than the output of the remotely executed command. This occurs because of how PsExec handles process execution and output streams.

The attempts in the original question represent common redirection patterns:

REM Redirects STDOUT only
psexec \\myserver ipconfig > output.log
REM Appends STDOUT
psexec \\myserver ipconfig >> output.log
REM Redirects STDERR
psexec \\myserver ipconfig 2> output.log
REM Redirects both streams
psexec \\myserver ipconfig > output.log 2>&1

None of these work as intended because they capture PsExec's process output, not the remote command's output.

Here are three reliable approaches to capture the actual remote command output:

Method 1: Using cmd.exe Redirection

psexec \\myserver cmd /c "ipconfig > C:\temp\remote_output.txt"
type \\myserver\C$\temp\remote_output.txt > local_output.log

This method creates the file on the remote machine first, then reads it back over the C$ administrative share into a local file.

Method 2: Direct Network Stream Capture

psexec \\myserver cmd /c "ipconfig" | findstr /v "PsExec" > output.log

The findstr /v "PsExec" filter removes the lines of PsExec's header/footer that contain the string "PsExec".
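
As an added example (not from the original page or from Sysinternals), the PowerShell function below splits a merged capture, such as the file written by `psexec \\myserver ipconfig > output.log 2>&1`, into PsExec's status lines and the remote command's output, and reads the remote exit code from the footer. The function name and the sample ipconfig lines are constructed for illustration; the banner and footer patterns are taken from the output quoted earlier on this page.

```powershell
# Added example: Split-PsExecCapture is a hypothetical helper, not part of PsExec.
function Split-PsExecCapture {
    param([Parameter(Mandatory)][AllowEmptyString()][string[]]$Line)
    # Patterns match the banner and footer lines quoted on this page.
    $banner = '^(PsExec v\d|Copyright \(C\) \d{4}-\d{4} Mark Russinovich|Sysinternals - www\.sysinternals\.com)'
    $footer = '^\S+ exited on (?<host>\S+) with error code (?<code>-?\d+)\.\s*$'
    $status = [System.Collections.Generic.List[string]]::new()
    $remote = [System.Collections.Generic.List[string]]::new()
    $exitCode = $null
    $computer = $null
    foreach ($l in $Line) {
        if ($l -match $footer) {
            # The footer carries the remote process's exit code and the host name.
            $exitCode = [long]$Matches['code']
            $computer = $Matches['host']
            $status.Add($l)
        } elseif ($l -match $banner) {
            $status.Add($l)
        } else {
            $remote.Add($l)
        }
    }
    [pscustomobject]@{
        ComputerName = $computer
        ExitCode     = $exitCode            # $null: no footer, PsExec never reported an exit
        Succeeded    = ($exitCode -eq 0)
        Output       = ($remote -join "`n").Trim()
        Status       = $status.ToArray()
    }
}

# Constructed sample: the banner from this page around made-up ipconfig output.
$sample = @(
    'PsExec v1.95 - Execute processes remotely'
    'Copyright (C) 2001-2009 Mark Russinovich'
    'Sysinternals - www.sysinternals.com'
    ''
    'Windows IP Configuration'
    '   IPv4 Address. . . . . . . . . . . : 192.0.2.10'
    ''
    'ipconfig exited on myserver with error code 0.'
)
$r = Split-PsExecCapture -Line $sample
$r.Output | Out-File -FilePath .\local_output.log -Encoding utf8
$r | Format-List ComputerName, ExitCode, Succeeded
```

To run it on a real capture, pass `Get-Content .\output.log` as `-Line`; a `$null` ExitCode means the footer was missing, which is worth treating as a failed run rather than as empty output.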

Method 3: PowerShell Alternative

$output = Invoke-Command -ComputerName myserver -ScriptBlock { ipconfig }
$output | Out-File -FilePath .\output.log

  • Ensure proper permissions on both local and remote systems
  • Network shares must be accessible for file transfer methods
  • Some commands might require admin privileges (use -h with PsExec)
  • For large outputs, consider compressing the data before transfer

For long-running processes where you need live output:

psexec \\myserver -d cmd /c "ping -t google.com > C:\temp\ping.log"

Then monitor the file continuously on the remote machine.

If you encounter issues:

  1. Verify PsExec connectivity with a basic command first
  2. Check firewall settings on both machines
  3. Test with simple commands before complex scripts
  4. Consider using the -accepteula flag to suppress license prompts