Windows Sandbox PowerShell logon command window not visible - powershell

I'm trying to use Windows Sandbox with a PowerShell logon command. This is the LogonCommand section of my WSB file:
<LogonCommand>
<Command>C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -executionpolicy unrestricted -file "C:\\Users\\WDAGUtilityAccount\\Desktop\\boot.ps1" -noexit</Command>
</LogonCommand>
The Windows Sandbox instance loads up okay suggesting no syntactic/validation issues with the WSB file content, but the PowerShell window is not shown. Adding -windowstyle normal has no effect.
I suspect the LogonCommand content is run in a command prompt which is not made visible so running the command to open PowerShell from it somehow "inherits" the terminal window not being visible.
Is it possible to force the PowerShell terminal window to reveal itself in such a case? I want to do this so that I can see the errors that I get because the PowerShell script is not executing as expected and I'm blind to any output/progress indication.

Found an answer (doesn't look like the cleanest option, but works):
<Command>powershell -executionpolicy unrestricted -command "start powershell {-noexit -file C:\Users\WDAGUtilityAccount\Desktop\boot.ps1}"</Command>
powershell switches from CMD to PowerShell
-windowstyle normal won't work to make this PowerShell window visible
-executionpolicy unrestricted allows the nested PowerShell to run from file
start powershell runs another PowerShell with visible window
Running this directly for LogonCommand will not work
-noexit tells the nested PowerShell to remain visible
This is not necessary but it is useful for debugging the script errors
-file C:\Users\WDAGUtilityAccount\Desktop\boot.ps1 runs the given script
Share it with the machine by using a MappedFolder in the WSB configuration

Related

Powershell window does not hide even after adding -WindowsStyle hidden while running task from task scheduler

I have created a task in task scheduler.
Its basically a powershell script which has to run in interactive mode.
Task is running under SYSTEM account.
In Actions tab, under Program/Script I have added path of the ServiceUI.exe e.g, C:**\ServiceUI.exe
Under Add arguments option, I have added C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -Windowstyle hidden -NoProfile -Executionpolicy bypass -file "C:**\PS1.ps1"
When I run the task, powershell window prompt shows for a fraction of a second.
Could someone please suggest a way to hide it?
I was able to fix the problem by using vb script.
WScript.Quit CreateObject("WScript.Shell").Run("powershell.exe -ExecutionPolicy Bypass -WindowStyle Hidden -File " & PSscriptPath, 0, true)
In Actions tab, under Program/Script I had path of the ServiceUI.exe e.g, C:**\ServiceUI.exe
Added wscript.exe "vbs script path" in the arguments option.
Powershell prompt doesn't come up, and task works perfectly in interactive mode under SYSTEM account using these options.

How to run a PowerShell Script in the background (no window) from Windows Explorer? [duplicate]

The shortcut below executes powershell.exe and passes it the script vscode.ps1. It works except that for all my attempts, it still displays a terminal window briefly when running. You can see I've passed parameters which is supposed to prevent this, but I still see the window. What do I have to do to execute a PS script from a shortcut without the terminal window being displayed?
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -nologo -NoProfile -WindowStyle Hidden -file C:\Users\bernie\OneDrive\PowerShell\vscode.ps1 C:\Users\bernie\OneDrive\Documents\windows.txt
It's a known issue, see https://github.com/PowerShell/PowerShell/issues/3028#issuecomment-583834582
As #Ciantic mentioned, the best way to work around this issue is by using a VB script:
In, say ps-run.vbs put
Set objShell = CreateObject("Wscript.Shell")
Set args = Wscript.Arguments
For Each arg In args
objShell.Run("powershell -windowstyle hidden -executionpolicy bypass -noninteractive ""&"" ""'" & arg & "'"""),0
Next
Then use it to run the command you want, e.g.
wscript "C:\Path\To\ps-run.vbs" "C:\Other\Path\To\your-script.ps1"
I use something like this to run a task frequently without seeing any flashing windows.
Yes, Powershell can't completely do this. But VBScript can do this. Also I use Hidden Start which can start any program hidden or bypass UAC.

How can I bypass execution policy when running scripts from Powershell ISE

So I can write a script in Powershell ISE, not save it, and it will run (F5/green arrow on the ISE). Once I save it, I get the error saying I can't run saved scripts. If I open a Powershell window in the directory the saved script exists, I can run it with
powershell -ExecutionPolicy ByPass -File script.ps1
But is there a way I can get this to work when running it via the ISE's green arrow/F5? I don't have admin access to this PC
Edit: Windows 10
Ok so I just found out you can set Execution Policy for yourself (current user) without having admin rights. So if you're coming here from google do this:
Set-ExecutionPolicy -Scope "CurrentUser" -ExecutionPolicy "RemoteSigned"
Also you can run individual script without setting Execution Policy for current user, by passing Execution Policy only for file script.
For example:
Powershell -executionpolicy RemoteSigned -File "C:\scripts\script.ps1"
Very convenient for scheduled tasks in the Windows Task Scheduler to run PowerShell commands (scripts).
That's my addition for google users

Script to change PowerShell ExecutionPolicy

When I setup my system, I use a number of config scripts to have my cosy place to play.
Based on this, I run by double-clicking the following enableps.js:
new ActiveXObject("Shell.Application").ShellExecute(
"powershell", "-noexit -Command \"& Set-ExecutionPolicy RemoteSigned\"", "", "runas");
Because of the -noexit I can issue in the displayed PowerShell window:
Get-ExecutionPolicy
and get as expected:
RemoteSigned
Unfortunately, when opening a new instance of PowerShell, the policy keeps to be Restricted.
If I run in a standard cmd prompt:
cscript "path\to\enableps.js"
it works. But if I embed the command in the enableps.cmd batch and again try to run it by double-clicking, it doesn't work. If I right-click enableps.cmd and use the Runas-Administrator entry, it works again.
So how can I make things working with the standard double-click (plus the related Windows prompt)?
You need to run the command and give it the -Scope argument so that it applies to more than the current session. Add the argument:
-Scope CurrentUser
... and the solution is:
Double click on the file:
// enableps.js
// -----------
new ActiveXObject("Shell.Application").ShellExecute(
"powershell", "-Command \"Set-ExecutionPolicy RemoteSigned\" -Scope CurrentUser",
"", "runas");
Consider replacing RemoteSigned with Unrestricted to allow running downloaded scripts too.
Credit goes to TheMadTechnician, who anyway did not write the full code.
By default making system-wide changes will require you to elevate the process if it hasn't been elevated already. If you want your script to disable the execution policy at the machine level then you will either need to switch off UAC or else you will have to run your cscript using a shellExecute, which will present the user with the required UAC approval dialog.

PowerShell script to restart a service

My mission is to press a keyboard sequence, such as Ctrl +Shift +R, to restart a Windows Service.
I have a script which works fine in the PowerShell ISE, when launched with administrative privileges.
When I try with a PowerShell script it fails due to insufficient Administrative Privileges. It’s galling that I can get it to work with an old-fashioned bat file, but not PowerShell.
The root of the problem is that shortcuts to a PowerShell script have their Administrative privileges box greyed out. So far no work-around has overcome this privilege problem.
Any ideas?
One approach is to start another elevated PowerShell session within your script like so:
Start-Process PowerShell.exe -arg '-nologo -noprofile script.ps1' -verb runas
That should prompt to elevate the new PowerShell session. I think you should be able to set the -WindowStyle parameter such that the new window doens't appear (if you need that behavior). Note that you will need to specify the full path to your existing script.
You suggest you don't like solving this problem with a batch file (e.g. net start), I think because batch files are inherently more limited than powershell scripts. What you can do is wrap your Ps script in a batch file, though, for the sake of accomplishing your stated objective -- running a powershell script with a keyboard shortcut without access permissions issues. Try this in a batch file:
powershell set-executionpolicy remotesigned
powershell myscript.ps1