Remote use of Microsoft Sysinternals: example ProcDump

Download the Microsoft Sysinternals Suite and copy it to your server.

Unzip it to any location you like.

In this example I used ProcDump because I needed a dump from a user to send to the vendor.

Go into the Sysinternals folder and find the program you need.

Afterwards, copy it via UNC path to the user’s computer. In the case of ProcDump you need to copy both executables. I created the folder temp there.

Next you need the PID of the program you want to check. I needed wfica32.

If the user doesn’t have the right to run Task Manager or to extend its view to show the PID, you can find the PID with a PowerShell command:

Get-Process -ComputerName NameOfUserComputer -Name ProcessName

Afterwards, open a CMD window and change to the Sysinternals Suite folder on your server.

Then execute the following:

PSEXEC \\<computername> c:\temp\procdump.exe -e -ma -h <PID>
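
The whole procedure as one Windows PowerShell function, with a signature check on the binaries before they are copied and cleanup of the tool and dump on the user's computer afterwards. This is an added example, not part of the original post; the function name, the D:\ paths, the C$ admin share and the pdjob subfolder are assumptions.

```powershell
# Added example for Windows PowerShell 5.1; names and paths below are assumptions.
function Invoke-RemoteProcDump {
    param(
        [Parameter(Mandatory)] [string] $ComputerName,
        [Parameter(Mandatory)] [string] $ProcessName,       # e.g. wfica32
        [int]    $ProcessId,                                 # required if several instances run
        [string] $SuitePath = 'D:\Tools\SysinternalsSuite',  # assumed unzip location
        [string] $OutDir    = 'D:\Dumps'                     # assumed local collection folder
    )
    $remoteDir = 'C:\temp\pdjob'                             # dedicated (hypothetical) subfolder
    $remoteUnc = "\\$ComputerName\C`$\temp\pdjob"            # same folder via the C$ admin share

    # Ship only ProcDump binaries that carry a valid Microsoft Authenticode signature.
    $tools = @(Get-ChildItem -Path $SuitePath -Filter 'procdump*.exe')
    if ($tools.Count -eq 0) { throw "No procdump executables found in $SuitePath" }
    foreach ($t in $tools) {
        $sig = Get-AuthenticodeSignature -FilePath $t.FullName
        if ($sig.Status -ne 'Valid' -or
            $sig.SignerCertificate.Subject -notlike '*O=Microsoft Corporation*') {
            throw "Refusing to copy $($t.Name): signature status $($sig.Status)"
        }
    }
    New-Item -ItemType Directory -Path $remoteUnc, $OutDir -Force -ErrorAction Stop | Out-Null
    try {
        Copy-Item -Path $tools.FullName -Destination $remoteUnc -ErrorAction Stop
        if (-not $ProcessId) {
            # Get-Process -ComputerName exists in Windows PowerShell 5.1, not in PowerShell 6+.
            $procs = @(Get-Process -ComputerName $ComputerName -Name $ProcessName -ErrorAction Stop)
            if ($procs.Count -gt 1) {
                throw "Several $ProcessName instances (PIDs $($procs.Id -join ', ')); pass -ProcessId."
            }
            $ProcessId = $procs[0].Id
        }
        # Same switches as above, plus EULA acceptance and an explicit dump folder.
        # The call blocks until ProcDump has captured the exception or hang and exits.
        & (Join-Path $SuitePath 'PsExec.exe') -accepteula "\\$ComputerName" `
            "$remoteDir\procdump.exe" -accepteula -e -ma -h $ProcessId $remoteDir

        $dumps = @(Get-ChildItem -Path $remoteUnc -Filter '*.dmp')
        if ($dumps.Count -eq 0) { throw "No dump file was written on $ComputerName." }
        Copy-Item -Path $dumps.FullName -Destination $OutDir -ErrorAction Stop
        $dumps | ForEach-Object { Join-Path $OutDir $_.Name }   # local paths of the collected dumps
    }
    finally {
        # A full (-ma) dump holds the process's entire memory; leave neither it nor the tool behind.
        Remove-Item -Path $remoteUnc -Recurse -Force -ErrorAction SilentlyContinue
    }
}
```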


