world !
I'm very new to the scripting world but I'm currently trying to automate a process a work that involves in moving a folder and its contents to the windows directory on C:.
currently, I have this
Copy-Item -Path "C:\Java Config Files*" -Destination "C:\Windows\" -R
it's returning with an error message
Copy-Item : Access to the path 'C:\Windows\Java Config Files' is denied.
any thoughts how I can elevate privileges without having to run the script as admin? or if there is a cmdlet that could achieve this?
fixed by running as admin by adding runAS cmdlet
Related
So here is the situation, I am trying to automate the copy of some files that are in a network drive into a local folder on one of my servers. The task seems to be simple and when I try the code with PowerShell or with x copy in the command line both are working pretty great.
I've installed a Jenkins agent on this Windows server 2016 server and run the agent as a service. When I try to run the same code from the Jenkins agent, it is never working.
I tried starting the agent service as local system and as the windows network administrator who has all the right
I tried with PowerShell those lines :
Copy-Item -Path "\\server IP\directory\*" -Destination "D:\Directory\" -Verbose
and
Copy-Item -Path "z:\*" -Destination "D:\Directory\" -Verbose
Both return no error but did not copy the files, and when I tried the same code with x copy I just receive no file found and the file was not copied
xcopy "\\server IP\directory\*" "D:\Directory\" /f /s /h /y
xcopy "z:\*" "D:\Directory\" /f /s /h /y
With PowerShell, I also tried inserting the copy-file command into a script and only calling the script with the Jenkins agent, and it also didn't work
I am now running in a circle and wonder how are we supposed to work with the network drive with the Jenkins agent? Or what I am doing wrong ?
Note that other PowerShell code are working great locally.
I tried starting the agent service as local system and as the windows network administrator who has all the right
Local system doesn't have any network permissions by default. This is the machine account, so you would have to give the machine access to "\\server\share". It is not advisable though, because permissions should be granted on finer granularity. Also, local system has too many local rights, which Jenkins doesn't need.
I don't know what you mean by "Windows Network Administrator". It sounds like this one would also have too many rights.
Usually, one creates a dedicated Jenkins (domain) user. This user will be granted access to any network paths it needs. Then you have two options:
Always run Jenkins service as this user (easiest way).
Run Jenkins under another local user and connect to network drives as the domain user only on demand: net use \\server\share /user:YourDomain\Jenkins <Password>. This adds some security as you don't need to give any local permissions to the domain user.
Both return no error but did not copy the files
To improve error reporting, I suggest you set $ErrorActionPreference = 'Stop' at the beginning of your PowerShell scripts. This way the script will stop execution and show an error as soon as the first error happens. I usually wrap my PS scripts in a try/catch block to also show a script stack trace, which makes it much easier to pinpoint error locations:
$ErrorActionPreference = 'Stop' # Make the script stop at the 1st error
try {
Copy-Item -Path "\\server IP\directory\*" -Destination "D:\Directory\" -Verbose
# Possibly more commands...
# Indicate success to Jenkins
exit 0
}
catch {
Write-Host "SCRIPT ERROR: $($_.Exception)"
if( $_.ScriptStackTrace ) {
Write-Host ( "`t$($_.ScriptStackTrace)" -replace '\r?\n', "`n`t" )
}
# Indicate failure to Jenkins
exit 1
}
In this case the stack trace is not much helpful, but it will come in handy, when you call functions of other scripts, which in turn may call other scripts too.
I need help with powershell script I need create script for deployment for many workstations which I push to the machines via deployment tool. I need uninstall app AzInfoProtection.exe the problem is that the path for this SW is different for each computer. So I don´t know I need find path by the executable file and after this create the command to uninstall it.
app name: AzInfoProtection.exe
Path somewhere: C:\ProgramData\Package
Cache**\
I found this but I don´t know how can I get from the output the path
Get-ChildItem -Path "C:\ProgramData\Package Cache" -Filter AzInfoProtection.exe -Recurse -ErrorAction SilentlyContinue -Force
So I need script that will uninstall this SW on many computer and the command for uninstalltion should be:
"C:\ProgramData\Package Cache{ca644579-3d97-4c24-8bf0-a4ccd297b6a6}\AzInfoProtection.exe" /uninstall /quiet
this part is fro each computer different {ca644579-3d97-4c24-8bf0-a4ccd297b6a6} so I need script which find it.
I will be glad if you help me,
thanks
I am trying to write a complex unattended install script that installs from a network directory. I'm running PS in administrator mode with bypass security.
When I run:
Start-Process "\\192.168.5.7\MSChart.exe" -ArgumentList "/q" -Wait
I get:
How can I bypass this without adding the network location as a trusted server? Ideally simply using PowerShell. I've tried Unblock-File, no luck.
The network share is not trusted by your computer, hence it warns you. You would have to add the share to the trusted zone in the systems internet settings, and allow "launching programs and unsafe files".
You cannot bypass it, but
add the required configuration to the registry
or copy the files locally and run it from there
using PowerShell
You can bypass the warning by adding -NoNewWindow as in Start-Process "\\192.168.5.7\MSChart.exe" -ArgumentList "/q" -Wait -NoNewWindow.
You should however leverage DNS for your path (e.g. \\share.domain.com\file.exe) and ensure the URI (share.domain.com) is in your system 'Trusted Sites' or 'Intranet Sites' list or you may still be blocked. Copying the file to the local system first may also fix the problem.
Reference: https://social.technet.microsoft.com/Forums/en-US/92eab96d-fe1a-4119-a5bc-f171d517466a/getting-open-file-security-warning-using-startprocess?forum=winserverpowershell
Maybe you want to Unblock-File and accept all of the risks that come with that and then try to execute it?
I don't recommend anyone EVER run a script like this:
function Unblock-Dir()
{
gci -Directory | % {
push-location $_ ;
gci | % {
Write-Host "Unblocking $_";
Unblock-File $_
}
Unblock-Dir ;
Pop-Location
}
Unblock-File -path .\*
}
It's just too dangerous.
I have a Powershell script to create a self-extracting archive via 7zip. But it's receiving this error:
cannot find specified SFX module
The Powershell code is:
set-alias sz "$env:ProgramFiles\7-Zip\7z.exe
sz a -t7z -sfx -ppassword $fullpath $filetostore
Both variables are valid. I've tried -sfx and -sfx7z.sfx, same error. The 7z.sfx file is indeed in the correct folder with 7zip. I can also verify the alias is working, as the 7zip copyright appears when running the code (so 7zip commandline is being initiated). This command works outside Powershell.
I'm also tried Set-Location into the 7zip folder, but same error. What am I missing?
It seems you should add the 7-zip folder to your PATH environment variable to make things easier :
#find the 7-zip folder path
$7zPath = (Get-ChildItem "C:\Program Files","C:\Program Files (x86)" -Include "7-zip" -Recurse -ErrorAction SilentlyContinue).FullName
#add it to PATH environment variable
$env:Path += ";$7zPath;"
Then you can run 7z -sfx with no errors about the SFX module.
While Sodawillow has an answer that will work for the active session, a more permanent answer would be to add 7zip to the path for the Environment you are working in:
[Environment]::SetEnvironmentVariable("Path",$env:Path+";C:\Program Files\7-zip", [EnvironmentVariableTarget]::User)
The above one-liner should add 7zip to the active user account's path. Change 'User' to 'Machine' for the whole computer, or 'Process' for the currently running window. If you set 'User' or 'Machine', you will need to open a new powershell instance to see the change reflected.
I was going to write up a simple alias 'iis' to invoke the IIS Manager, which is 'C:\Windows\System32\inetsrv\InetMgr.exe'
set-alias iis "OpenIIS.ps1"
and in the OpenIIS.ps1 I have
$item = "C:\Windows\system32\inetsrv\InetMgr.exe"
invoke-item -path $item
This doesn't work. The error I get is "The system cannot find the file specified"
In fact, just doing a Get-ChildItem on the inetsrv won't show the InetMgr.exe (no difference with -Force switch)
Get-ChildItem C:\Windows\system32\inetsrv\*.exe -force
Obviously I can see it in Explorer and I can launch it using cmd, but not with Powershell it seems. Also, Powershell is running as Administrator.
What is going on?
As a workaround I tried creating a link to the file and then invoking that link from Powershell. I now get a 'NotSpecified' Win32Exception.
I have originally used 64 bit Powershell, but get the same result on the x86 Powershell (both run as Administrator)
Are you at the elevated PowerShell prompt? Some system files may not show up unless you use -Force parameter with Get-ChildItem.
I think evidently the file InetMgr.exe is not there as when I do a get-childitem in the mentioned directory,it lists the "InetMgr.exe" there.
This may not be the problem with Get-ChildItem or the Alias you created but instead with ur IIS Server.