The WINRS (Windows Remote Shell) command in Windows CMD allows administrators to execute commands and scripts remotely on Windows machines. This command is integral for managing several computers from a single point without physical or remote desktop access, streamlining administrative tasks across a networked environment.


WINRS [options] command
  • command: Represents the command or script that you want to execute on the remote system.


  • -r:<RemoteTarget>: Specifies the remote computer to connect to. This can be an IP address or a hostname.
  • -u:<Username>: Sets the username for login to the remote machine. Generally used with -p.
  • -p:<Password>: Specifies the password for the user. Use cautiously, as this can expose security credentials in scripts/logs.
  • -d:<Directory>: Sets the starting directory for the remote command execution.
  • -timeout:<Timeout>: Defines a timeout in milliseconds for the remote command. If the command does not complete within this time, it is terminated.
  • -unencrypted: Disables encryption for the remote command session. Not recommended for production environments.
  • -use_ssl: Enables SSL to secure the communication with the remote machine.
  • -compression: Turns on compression for the data sent to the remote machine, enhancing performance over slow links.


Simple Command Execution:

WINRS -r: -u:Admin -p:password ipconfig

This runs the ipconfig command on the remote machine with IP

Using a Different Starting Directory:

WINRS -r:server01 -d:C:\Scripts -u:Admin -p:password myscript.bat

Executes myscript.bat located in C:\Scripts on server01.

Common Issues

  • Authentication Errors: Incorrect username or password can result in access denied. Recheck the credentials and ensure the account has appropriate permissions.
  • Network Issues: If the remote machine cannot be reached, verify network connectivity and ensure that the appropriate ports are open (default HTTP/HTTPS ports).
  • Command Timeouts: If a command timeouts frequently, adjust the -timeout parameter to a higher value, considering the complexity of the command being executed.


WINRS is often combined with batch scripts to automate tasks across multiple machines. Here’s an example of a batch file that checks disk space on multiple servers:

REM DiskCheck.bat
FOR %%i IN (server1, server2, server3) DO (
    WINRS -r:%%i -u:Admin -p:password diskpart -s list_volume.txt

This script uses WINRS to run diskpart with a specific script on each listed server, helping in quick health checks of disk volumes.

  • PSEXEC: Another tool for executing processes remotely, part of the Sysinternals suite.
  • SSH: Visits secure commands over a network, which is more common in Unix/Linux environments but available for Windows.
  • TELNET: Earlier tool for remote command execution, less secure than WINRS.

For further reading on WINRS and related technologies, check out Microsoft’s official documentation.