Error 1620 : 2250 – PsExec Access is denied

[doug]

Have a look here: Troubleshooting Errors 1611: 64 , 1620: 64 , 1611: 2250 , 1620: 2250

[myrdin]

Hi,

thanks.

– We tried with no EDR/AV installed
– We tried with Windows Firewall completely off.

I think it is some sort of policy or some weird rights settings configured deep inside Windows, just checking if someone might have any idea.

thanks any way

[doug]

Which OS is installed/running on the BatchPatch host and which OS is running on the target? Please be as specific as possible with version numbers, build numbers, service packs etc. You can actually see this info using BatchPatch under ‘Actions > Get Info > Get OS Version’

Which version of PsExec are you using?

Is ‘Tools > Settings > Use PsExec -r switch’ in BatchPatch enabled?

Thanks

[myrdin]

Hi,

batchpatch: Microsoft Windows Server 2019 Standard 10.0.17763 (SP0) [x64-based PC]

target: Microsoft Windows Server 2016 Standard 10.0.14393 (SP0) [x64-based PC]
or Microsoft Windows Server 2019 Standard 10.0.17763 (SP0) [x64-based PC]

Psexec 2.4 (also tried psexec64, with same result).

-r switch is enabled.

thanks

[doug]

I’m sorry to say that I’m not sure what could be causing this in your environment. Generally speaking this is something we would really only expect to see if an AV or HIPS or similar security or endpoint protection software was involved and was severing the connection in the middle of processing. If you haven’t already done so, I would suggest trying to run BP from a different source computer, just to ensure that there isn’t something weird going on with the particular BP computer. However, you said that things work for a few targets, so it could conceivably also be some weird issue on the problematic targets and not an issue with the BP machine. Unfortunately it’s very tough to guess at what else it might be.

[Author]

Posts