Switch service running state using powershell (using UAC prompts) - powershell

$serviceName = "wsearch"
$isRunning = Get-Service | Where-Object {$_.Status -eq "Running" -and $_.Name -eq $serviceName}
$isStopped = Get-Service | Where-Object {$_.Status -eq "Stopped" -and $_.Name -eq $serviceName}
if ($isStopped) {
    Start-Service -InputObject $isStopped
    Start-Sleep -s 10
}
if ($isRunning) {
    Stop-Service -InputObject $isRunning
    Start-Sleep -s 10
}
I want to run this script, but I don't want to set Administrator execution policy (which is set to max restrictive), while regular user policy is lax.
I want to run the script as a regular user and trigger the UAC prompt for each command (akin to -Verb RunAs), however, Start-Service does not accept this parameter.
I guess I can run a Start-Process "sc" but that defeats the purpose of powershell.
The ultimate goal of the script is to switch the state of a service based on the current running state.

There is no way to run one-off commands elevated (as admin) in a non-elevated powershell session. This would be similar to 'sudo' in Linux which just doesn't exist in the Windows world. Instead you could use something like the following to start a powershell session as administrator and run the commands there. You are not limited to calling 'sc'.
Start-Process -Verb RunAs -FilePath 'powershell' -ArgumentList '-Command <your commands>'
To run a powershell script with elevated privileges you could substitute -Command for -File (but -Command <path to file> will also work)
Start-Process -Verb RunAs -FilePath 'powershell' -ArgumentList '-File <path to script>'
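The approach from the answer above applied to the service toggle in the question, as an added example that is not part of the original post: the script relaunches itself once with -Verb RunAs, so there is a single UAC prompt instead of one per command. The -ServiceName parameter, the Test-IsElevated helper, the service-name pattern and the 30-second timeout are assumptions made for illustration.

```powershell
# Added example (not from the original post): toggle a service, elevating once via UAC.
param([string]$ServiceName = 'wsearch')   # assumed parameter; default is the question's service

function Test-IsElevated {
    # True when the current token holds the local Administrators role.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

if (-not (Test-IsElevated)) {
    # Only a plain service name is passed across the elevation boundary (assumed pattern).
    if ($ServiceName -notmatch '^[\w.\-]+$') { throw "Unexpected service name: $ServiceName" }
    $argList = @('-NoProfile', '-File', "`"$PSCommandPath`"", '-ServiceName', $ServiceName)
    try {
        # -Verb RunAs raises the UAC prompt; -Wait and -PassThru expose the child's exit code.
        $child = Start-Process -FilePath 'powershell.exe' -Verb RunAs `
                     -ArgumentList $argList -Wait -PassThru -ErrorAction Stop
    } catch {
        Write-Error "Elevation was declined or failed: $($_.Exception.Message)"
        exit 1
    }
    exit $child.ExitCode
}

# Elevated from here on.
$svc     = Get-Service -Name $ServiceName -ErrorAction Stop
$timeout = [TimeSpan]::FromSeconds(30)    # assumed timeout
switch ($svc.Status) {
    'Stopped' {
        Start-Service -InputObject $svc -ErrorAction Stop
        $svc.WaitForStatus('Running', $timeout)   # replaces the fixed 10-second sleep
    }
    'Running' {
        Stop-Service -InputObject $svc -ErrorAction Stop
        $svc.WaitForStatus('Stopped', $timeout)
    }
    default {
        Write-Error "Service is in state $($svc.Status); not toggling."
        exit 2
    }
}
```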

Related

New-PSSession to Linux host is frozen when run under SYSTEM Account

I tried to run a Powershell Script under the System Account via Jenkins.
$DebugPreference = 'Continue'
$dt=get-date -Format "MM-dd-yyyy-HH-mm-ss-fff"
Start-Transcript -Path "C:\install\transcript-$dt.txt"
dir env:
$cmdline = $((Get-CimInstance win32_process -Filter "ProcessID=$PID" | ? { $_.processname -eq "pwsh.exe" }).commandline)
if($cmdline -like "*pwsh.exe*")
{
    write-host "Powershel 7 continue"
    Write-Host "Before Start-session"
    $s = New-PSSession -HostName ip -UserName user -verbose -KeyFilePath C:\.ssh\id_rsa
    Write-Host "After Start-session"
}else{
    Start-Process pwsh.exe -Wait -PassThru -ArgumentList "-NonInteractive -ExecutionPolicy Bypass -File $($MyInvocation.MyCommand.Definition)"
}
stop-transcript
My problem is that Write-Host "After Start-session" is never reached.
The first Start-Transcript shows that the script is started again with pwsh.exe.
The second Start-Transcript shows the output up to "Before Start-session".
After that, nothing is added to the transcript and the process keeps running.
The script works fine when it is running under the Administrator account.
How can I debug this?
The problem was that the SSH fingerprint was not trusted.
When I ran the script via a command line instead of directly via Jenkins, I got this output:
The authenticity of host 'ip (ip)' can't be established.
ECDSA key fingerprint is SHA256:gQv8WE8G04RhfNNX7pRQjVX0lPj3jNZ4JTPIDNEIGHk.
Are you sure you want to continue connecting (yes/no)?
After I answered it with yes, everything worked.
The Jenkins job is now working too.
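One way to avoid the hidden host-key prompt described above, shown as an added example that is not part of the original post: check the host key fingerprint against a value obtained out of band and write the key to the known_hosts file of the account that runs the job. The host name and expected fingerprint are placeholders, and ssh-keyscan, ssh-keygen and ssh are assumed to be on PATH (Windows OpenSSH client).

```powershell
# Added example (not from the original post). Run once under the same account as the job
# (here: SYSTEM) so the key lands in that account's known_hosts.
param(
    [string]$HostName            = 'linux-host.example',                        # placeholder
    [string]$ExpectedFingerprint = 'SHA256:<fingerprint verified out of band>'  # placeholder
)

$sshDir     = Join-Path $env:USERPROFILE '.ssh'
$knownHosts = Join-Path $sshDir 'known_hosts'

# Fetch the host's ECDSA public key. ssh-keyscan does not authenticate what it returns.
$keyLine = & ssh-keyscan -t ecdsa $HostName 2>$null | Select-Object -First 1
if (-not $keyLine) { throw "No ECDSA host key returned by $HostName" }

# Compute the fingerprint of the scanned key and compare it before trusting the key.
$tmp = New-TemporaryFile
try {
    Set-Content -Path $tmp.FullName -Value $keyLine -Encoding ascii
    $fpLine = & ssh-keygen -l -f $tmp.FullName | Select-Object -First 1
} finally {
    Remove-Item $tmp.FullName -ErrorAction SilentlyContinue
}
$actual = ($fpLine -split '\s+')[1]      # line format: "256 SHA256:... host (ECDSA)"
if ($actual -cne $ExpectedFingerprint) {
    throw "Host key mismatch for ${HostName}: got $actual"
}

# Record the verified key, skipping the write if the exact line is already present.
New-Item -ItemType Directory -Path $sshDir -Force | Out-Null
$present = (Test-Path $knownHosts) -and
           (Select-String -Path $knownHosts -SimpleMatch $keyLine -Quiet)
if (-not $present) { Add-Content -Path $knownHosts -Value $keyLine -Encoding ascii }

# BatchMode makes ssh fail immediately instead of waiting for input nobody can give.
& ssh -o BatchMode=yes -o StrictHostKeyChecking=yes -i C:\.ssh\id_rsa "user@$HostName" 'exit'
if ($LASTEXITCODE -ne 0) { throw "Non-interactive SSH check failed (exit $LASTEXITCODE)" }
```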

Powershell is returning exit code too quickly

I have a script to uninstall McAfee antivirus and the agent associated with it.
The issue I'm having is that the script provides an exit code too early and doesn't continue through. If I run the script multiple times I get the desired result, but as we're trying to push it out via PDQ remotely, we need it to run through the script and only provide an exit code at the end of the script.
I'm a powershell novice so there's probably a much better and easier way to write this script but any advice would be greatly appreciated.
Start-Process -FilePath "msiexec.exe" -ArgumentList "/x {CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF} REMOVE=ALL REBOOT=R /q"; Write-Host "Uninstalling McAfee VirusScan Enterprise 8.8..."
$version = (Get-WmiObject -class Win32_OperatingSystem).Caption
Write-Host "Detected OS as $version"
if ($version -like '*Windows 7*')
{
    Write-Host "Uninstalling McAfee Agent..."
    Start-Process -FilePath "C:\Program Files (x86)\McAfee\Common Framework\frminst.exe" -ArgumentList "/forceuninstall"
}
elseif ($version -like '*Windows 10*')
{
    Write-Host "Unmanaging McAfee Agent for Uninstall Process.."
    Start-Process -FilePath "C:\Program Files\McAfee\Agent\maconfig.exe" -ArgumentList "/provision /unmanaged";
    Write-Host "Uninstalling McAfee Agent..."
    Start-Process -FilePath "C:\Program Files\McAfee\Agent\x86\frminst.exe" -ArgumentList "/forceuninstall"
}
else
{
    exit
}
Start-Process reports a return code as soon as it starts the process, indicating whether it was successful or not. Either use -Wait to force the script to wait until it finishes, or capture the output and proceed based on what the return value is. See the docs for Start-Process.
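The -Wait approach from the answer above applied to the uninstall script in the question, as an added example that is not part of the original post: each step blocks until the child process ends, its exit code is collected with -PassThru, and the script exits once at the end. The Invoke-Step helper and the list of exit codes treated as success are assumptions; the codes are the standard msiexec values, and applying them to the McAfee tools is also an assumption.

```powershell
# Added example (not from the original post): wait for every step, exit once at the end.
function Invoke-Step {
    # Hypothetical helper: runs one program, blocks until it finishes, returns its exit code.
    param([string]$Description, [string]$FilePath, [string]$Arguments)
    Write-Host $Description
    if (-not (Get-Command $FilePath -ErrorAction SilentlyContinue)) {
        Write-Warning "$FilePath not found; skipping."
        return 0
    }
    $p = Start-Process -FilePath $FilePath -ArgumentList $Arguments -Wait -PassThru
    Write-Host "  finished with exit code $($p.ExitCode)"
    return $p.ExitCode
}

$codes = @()
$codes += Invoke-Step 'Uninstalling McAfee VirusScan Enterprise 8.8...' 'msiexec.exe' `
              '/x {CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF} REMOVE=ALL REBOOT=R /q'

$version = (Get-WmiObject -Class Win32_OperatingSystem).Caption
Write-Host "Detected OS as $version"
if ($version -like '*Windows 7*') {
    $codes += Invoke-Step 'Uninstalling McAfee Agent...' `
                  'C:\Program Files (x86)\McAfee\Common Framework\frminst.exe' '/forceuninstall'
}
elseif ($version -like '*Windows 10*') {
    $codes += Invoke-Step 'Unmanaging McAfee Agent for Uninstall Process..' `
                  'C:\Program Files\McAfee\Agent\maconfig.exe' '/provision /unmanaged'
    $codes += Invoke-Step 'Uninstalling McAfee Agent...' `
                  'C:\Program Files\McAfee\Agent\x86\frminst.exe' '/forceuninstall'
}

# msiexec: 0 = success, 3010 = success but reboot required,
# 1641 = success and reboot initiated, 1605 = product is not installed.
$okCodes = 0, 3010, 1641, 1605
$failed  = @($codes | Where-Object { $okCodes -notcontains $_ })

# A single exit point, so the deployment tool only sees a result after every step has ended.
if ($failed.Count -gt 0) { exit $failed[0] }
exit 0
```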

GPO Startup powershell script not executing

I have a powershell script that I am trying to run at computer startup through a GPO using the new tab for powershell scripts that can be found in the group policy editor.
No matter what, it does not seem to be running at all, and I suspect the problem might for some reason be with the script itself using some var or calling to something that is not available under NT Authority\System impersonation.
Should something in the following script need to be edited in order to actually work as a startup script via GPO?
$sysdrivelocker = Get-BitLockerVolume -MountPoint $env:SystemDrive
#If the drive is encrypted and ready, exit script and do nothing.
if(($sysdrivelocker.VolumeStatus -eq "FullyEncrypted") -or ($sysdrivelocker.VolumeStatus -eq "EncryptionInProgress")){
    exit
}
#If the drive has been prepared with bdehdcfg, start bitlocker encryption and restart the computer.
elseif($sysdrivelocker.VolumeStatus -eq "FullyDecrypted"){
    #Creating the recovery key
    Start-Process 'manage-bde.exe' -ArgumentList " -protectors -add $env:SystemDrive -recoverypassword" -Verb runas -Wait
    #Adding TPM key.
    Start-Process 'manage-bde.exe' -ArgumentList " -protectors -add $env:SystemDrive -tpm" -Verb runas -Wait
    sleep -Seconds 15 #This is to give sufficient time for the protectors to fully take effect.
    #Getting Recovery Key GUID.
    $RecoveryKeyGUID = (Get-BitLockerVolume -MountPoint $env:SystemDrive).keyprotector | where {$_.Keyprotectortype -eq 'RecoveryPassword'} | Select-Object -ExpandProperty KeyProtectorID
    #Backing up the Recovery to AD.
    Start-Process 'manage-bde.exe' -ArgumentList " -protectors $env:SystemDrive -adbackup -id $RecoveryKeyGUID" -Verb runas -Wait
    #Enabling Encryption.
    Start-Process 'manage-bde.exe' -ArgumentList " -on $env:SystemDrive" -Verb runas -Wait
    #Restarting the computer, to begin the encryption process.
    Restart-Computer
}
#If the drive is not bitlocker ready, prepare it and restart the computer.
elseif([string]::IsNullOrEmpty($sysdrivelocker.VolumeStatus) -eq $true){
    #Starting the defrag service, required in the next step.
    Get-Service -Name defragsvc -ErrorAction SilentlyContinue | Set-Service -Status Running -ErrorAction SilentlyContinue
    #Preparing the systemdrive for bitlocker activation, and restarting the computer.
    BdeHdCfg -target $env:SystemDrive shrink -quiet -restart | Out-Null
}
#Exit in case the volume status is anything else (e.g. paused or decryption in progress).
else{
    exit
}
And yes, before anyone asks, I have set it up correctly as any guide I could find tells me: the script is located under \\domain.local\SysVol\domain.local\Policies\{GPO-GUID}\Machine\Scripts\Startup, and for troubleshooting purposes I even set my machine's execution policy to unrestricted.

Powershell RunAs Administrator

I have the script below which I would like to have run itself as Administrator without using a batch file.
The issue is that when I run the script, it opens a new administrator window and then just closes immediately.
If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{
    $arguments = "& '" + $myinvocation.mycommand.definition + "'"
    Start-Process powershell -Verb runAs -ArgumentList $arguments
    Break
}
Get-AppxProvisionedPackage -Online | Sort-Object -Property DisplayName | Select-Object -Property DisplayName
Add -NoExit to the PowerShell command line (otherwise, when given a script, it exits when that script has completed).
Add the -noexit to the argumentlist that launches your elevated process.

How do I run a powershell script as an admin?

I have the silent uninstall/wait/install script below that I need to push out to users, but I need to script it so it runs as administrator and I found some scripts, but I'm not understanding how to script it, any help is appreciated. Also, do I have to put the administrator script in twice? (i.e. in the first line of the uninstall script then before the line of the 2nd install script) or just once when I run it?
Get-WmiObject -Class Win32_Product | Where-Object {$_.Name -eq "On-Screen Takeoff"} | foreach-object -process {$_.Uninstall()}
Start-Sleep -Seconds 25
$arguments="/quiet"
Start-Process "\\davisconstruction.com\ROOT\Installs\OnCenter\OST\Testverion3906\ost3906.msi" $arguments
There are two ways:
1. You can right-click on "Start" --> "Windows PowerShell Module" or "Windows PowerShell ISE" by going to "Start" --> "Administrative Tools" --> "Windows PowerShell Module" or "Windows PowerShell ISE". Select "Run As administrator". Anything you run in that window will be as "Administrator".
2. Run your script as:
Start-Process "$psHome\powershell.exe" -verb runas -ArgumentList "-file fullpathofthescript"