Cyber Security

Active Directory: Send Messages to all currently logged on Users (msg.exe)

Do you remember the net send command? And do you remember the security concerns? Last week I played with msg.exe. Msg is the “new” net send. I tried to send a message to all users and computers in my domain. Why? I wanted to instruct all users to close all open programs. And now I want to keep and share this knowledge in the form of this blog post.

Introduction (msg.exe)

Msg sends a message to a user. This user must be logged in as a domain user (Domain Profile), which means that the following only works in a domain environment. For network technicians: msg uses port 445 (SMB/CIFS). If you send a message to a user, you have to provide a computer name and a username. Or you can try sending a message to yourself:


msg * "Hallo, this is a test!"


* means that the message is sent to all logged-on users. Keep in mind that Windows is a multi-user operating system. Don’t forget the others! 😉

Prerequisites

The headline is somewhat misleading. Yes, we are going to send messages to all users, but actually to all computers. Suppose all your client computers are stored in a specific Organizational Unit called Workstations. You want to inform all users logged on to these computers. I am going to use Invoke-Command. Make sure your client computers accept remote PowerShell commands. You can run Enable-PSRemoting on each of them, or you can configure WinRM by using Group Policies:

https://social.technet.microsoft.com/wiki/contents/articles/33634.enable-powershell-remoting-via-group-policy-on-windows7windows-server-2008-r2.aspx

Summary

  • All Computers must reside in the same domain
  • WinRM has to be enabled on the client computers by running Enable-PSRemoting or by configuring via Group Policies, as described in the link above. Note that on Windows Server 2012/2016 operating systems WinRM is enabled by default, but not on Windows Client systems.

Sending Messages to all Users: PowerShell and Msg.exe in Action

The following one-liner gets all the computer names of the OU Workstations in the domain sid-500.com. Afterwards, msg is executed on each computer in the OU Workstations. The message is sent to all users who are currently logged on.


(Get-ADComputer -SearchBase "OU=Workstations,DC=sid-500,DC=com" -Filter *).Name | Foreach-Object {Invoke-Command -ComputerName $_ {msg * "Please close all open files. The Server will be shut down in 5 Minutes"}}


Client01 is a member of the OU Workstations. Client01 receives the message.
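
The one-liner stops reporting usefully as soon as a computer account in the OU cannot be resolved or has no WinRM listener. The following variant is an added example, not part of the original post: it checks name resolution and WinRM per computer before calling msg and returns a status table. The OU path and message text are the article's; the variable names and the /TIME value are assumptions, and Resolve-DnsName requires Windows 8 / Server 2012 or later.

```powershell
# Added example: pre-flight checks before sending msg to every computer in the OU.
Import-Module ActiveDirectory

$searchBase = 'OU=Workstations,DC=sid-500,DC=com'   # OU from the article
$message    = 'Please close all open files. The Server will be shut down in 5 Minutes'

$results = foreach ($computer in Get-ADComputer -SearchBase $searchBase -Filter *) {
    # Prefer the FQDN stored in AD; fall back to the short name if it is empty.
    $name = $computer.DNSHostName
    if (-not $name) { $name = $computer.Name }
    $status = 'Sent'

    # Check 1: the name must resolve, otherwise WinRM fails with ComputerNotFound.
    if (-not (Resolve-DnsName -Name $name -ErrorAction SilentlyContinue)) {
        $status = 'DNS name not resolved'
    }
    # Check 2: a WinRM listener must answer (Enable-PSRemoting or GPO applied).
    elseif (-not (Test-WSMan -ComputerName $name -ErrorAction SilentlyContinue)) {
        $status = 'WinRM not reachable'
    }
    else {
        try {
            # Pass the text as an argument so the remote script block stays generic.
            # /TIME:300 closes the pop-up after five minutes (assumed value).
            Invoke-Command -ComputerName $name -ErrorAction Stop -ArgumentList $message -ScriptBlock {
                param($text)
                msg.exe * /TIME:300 $text
            } | Out-Null
        }
        catch {
            $status = "Failed: $($_.Exception.Message)"
        }
    }

    [pscustomobject]@{ Computer = $name; Status = $status }
}

$results | Sort-Object Status, Computer | Format-Table -AutoSize
```

The resulting table doubles as a quick inventory of which workstations in the OU accept PowerShell remoting.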


Have fun playing with msg!

See also

For more remote actions see also:

PowerShell: Enable Remote Desktop on multiple Servers remotely (Bulk)

PowerShell: Using Restart-Computer to restart your Computer and Remote Computers

10 replies »

  1. Thanks for your post, I am wanting users to be able to send a message to all logged on users that are domain members. In Windows Server 2008R2 a user with standard permissions was able to do this, however it appears that only domain admins can invoke the msg.exe command to send messages.

    I have contacted MS about this and they seem to agree that standard users can not use the msg.exe command. Have you experienced this?

    What I want is to develop a basic batch file that, when executed by clicking a shortcut in the taskbar, will send a message to all logged on users that the person who executed the command is in distress and needs assistance. It worked well in Server 2008R2 but I can't for the life of me get it to work in Server 2016.

    The command I used was:

    msg * "HELP Feeling Threatened"

    It sent all logged on domain users that message and also showed who it came from.

    Wondering if you have any ideas?

    Thanks,

    James


    • Sorry, no ideas. But you can try to run your Help Message as an administrator and store the password for this account encrypted. More about this in my Article Protect-CmsMessage (Public Key/Private Key)

      All the best,
      P


  2. I have tried all the prerequisite setup, but it's not working.

    In 2016 AD server.
    Run this command in PowerShell:

    (Get-ADComputer -SearchBase "OU=Division,DC=test,DC=com" -Filter *).Name | Foreach-Object {Invoke-Command -ComputerName $_ {msg * "This is Test Message"}}

    Error message showing:

    [PROXY] Connecting to remote server PROXY failed with the following error message : The WinRM client cannot process the request because the server name cannot be resolved. For more
    information, see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo : OpenError: (PROXY:String) [], PSRemotingTransportException
    + FullyQualifiedErrorId : ComputerNotFound,PSSessionStateBroken

    Is there any idea to resolve this issue?

    Thanks a lot
    Regards
    Abhi


    • Hi!

      ***EDIT***

      The error message says that the name (DNS Name) could not be resolved. Try to ping the Computer by name.

      Thank you for the comment.
      I would recommend checking Windows Firewall and most importantly the WinRM Settings.
      Note the prerequisites in the article. You have to enable remote Management on Windows Client Operating Systems.

      All the best,
      P

