How Push Deploy works
1. ADMIN$ access to the remote
2. .NET v3.5 installed on the remote machine
3. WMI access to the remote machine.
Admin$ is used to create a remote folder and copy our self-extracting exe which contains all the files needed to run.
Via the admin$ (which connects to the windows folder on the remote machine), we use a file check for a specific file where .NET 3.5 should be located. This tells us if that requirement is met.
We use WMI to create a process on the remote machine that runs the self-extracted file we copied. This does the extract.
Based on the push utility, WMI is used again to create the process to run the given collection.
WMI is used over and over at different intervals to check if the process is still running.
Once it is not running, Admin$ is used again to pull back the given output file (cdf, sdf, hdf) for the push type.
How Push Deploy Works
Have more questions?
Was this article helpful?
Provide feedback for the Documentation team!
Browse this section
- Microsoft Cloud Assessment - Activity Reports generated with usernames encrypted
- Microsoft Cloud Assessment User Guides
- Network Detective Application User Guide
- How to use the Push Deploy
- Configuring GPO to set Remote Registry Service to Automatic
- Restore administrative shares - Admin$ - if missing from Windows Computer Management
- Network Detective Data Collector Command Line options
- Do I need a Network Scan even if I'm only doing workstations?
- How Push Deploy Works
- What ports to open for MBSA?
- See more