Using Xp_cmdshell to query the Windows file system with VBscript and Transact-SQL


T-SQL has some amazing features. In addition to being able to do all the standard SQL with ease and poise, you can also do some heavy lifting by getting to the operating system with some powerful stored procedures. I recently had the pleasure of becoming familiar with the xp_CmdShell stored procedure.

In a nutshell, xp_cmdshell provides an interface to the OS command shell and gives the user the same capabilities as opening a shell window or running a batch file. Imagine being able to query different parts of a remote computer's file structure or configuration and store this information in a table for reporting. Of course, to perform these operations, you need administrative access. You must also enable the stored procedure, and in a production environment access to it must be strictly controlled so that unauthorized users cannot run it.

Configure xp_cmdshell in SQL Server

Using the xp_cmdshell stored procedure requires enabling it on SQL Server. You can do this with the sp_configure stored procedure followed by the RECONFIGURE statement, which installs the new configuration. The general syntax is:

sp_configure OptionName, ConfigValue
RECONFIGURE

To enable the xp_cmdshell stored procedure:

EXEC sp_configure 'xp_cmdshell', 1
RECONFIGURE

If you receive the following message: “The configuration option ‘xp_cmdshell’ does not exist or it may be an advanced option.” it is because the Advanced Options are not configured and you will need to configure them first. To do so, issue the Advanced Options Command followed by the xp_cmdshell command as follows:

EXEC sp_configure 'show advanced options', 1;
RECONFIGURE;
GO

EXEC sp_configure 'xp_cmdshell', 1
GO
RECONFIGURE
GO

Get file system output

Once SQL Server is reconfigured for xp_cmdshell, you can run commands as you would from any command shell. As an example, suppose you want to view a list of exe files located on a computer or server on the network for reporting purposes. This could be achieved with the following command:

EXEC xp_cmdshell 'dir *.exe'

Output:

The C drive volume is unlabeled.
The volume serial number is 9CBD-D644
NULL
Directory of C:\WINDOWS\system32
NULL
01/24/2007 03:28 PM 124,928 accelerometerST.exe
04/14/2008 06:42 AM actmovie.exe
04/14/2008 06:42 AM 98,304 ahui.exe
04/14/2008 06:42 AM 44,544 alg.exe
04/14/2008 06:42 AM 142,848 bootcfg.exe
08/04/2004 08:00 AM 15,872 expand.exe
04/14/2008 06:42 AM 24,064 extrac32.exe
08/04/2004 08:00 AM 882 fastopen.exe
04/14/2008 06:42 AM 20,992 faxpatch.exe
08/04/2004 08:00 AM 14,848 fc.exe
08/04/2004 08:00 AM 9,216 find.exe
04/14/2008 06:42 AM 27,136 findstr.exe
08/04/2004 08:00 AM 9,216 finger.exe
04/08/2004 08:00 3072 fixmapi.exe
04/14/2008 06:42 23040 fltmc.exe
04/14/2008 06:42 20992 fontview.exe
04/14/2008 06:42 7680 forcedos.exe
04/14/2008 06:42 AM 14,848 stimon.exe…
04/14/2008 06:42 AM 165,888 wuauclt1.exe
09/28/2006 06:56 PM 146,432 wupdmgr.exe
04/14/2008 06:42 AM 30,720 xcopy.exe
372 File(s) 72,569,014 bytes
0 Dir(s) 22,951,780,352 bytes free

Store command shell output in a temporary table

If you wanted to store that information in a temporary table, you could run the following command:

create table #cmdTable(outputText varchar(3000))
insert into #cmdTable exec xp_cmdshell 'dir *.exe'
select * from #cmdTable
drop table #cmdTable

Store command shell output in table variable

Alternatively, you could store that information in a table variable by running this command instead:

declare @fileTable table(col1 varchar(4000))
insert into @fileTable exec xp_cmdshell 'dir *.exe'
select * from @fileTable

Other options

If you need to capture the return code, you would first declare a variable for the code and add the variable assignment in front of the command like so:

declare @ret int
exec @ret = xp_cmdshell 'dir *.exe', NO_OUTPUT
print @ret

Here print @ret would show 0 for success; an error would have returned 1. Also note the NO_OUTPUT option, which tells xp_cmdshell not to send any command output to the screen.

Conclusion

This is just a brief introduction to the endless possibilities at your fingertips. As I said at the beginning, you can run any command that is available from the "Cmd" shell, combine its output with the output of other commands, and store this information neatly in a table.