Automating JiraPS-PowerShell Scripts with Task-Scheduler, Issue on Authentification - powershell

I have created a script to bring missed Phonecalls to Jira. For this, I am using the JiraPS-Powershell Module.
The scripts work, if I am run them PowerShell ISE. But after creating a Task in Windows Task-Scheduler, the authentification fails.
JiraPS creates a Websession (Microsoft.PowerShell.Commands.WebRequestSession) and it seems that this Session cannot be accessed via Task-Scheduler.
Is there a way to solve this problem?
(If it is just a Task-Scheduler issue, I am happy to change to a different solution)#
Thank you!
Further information:
How I know that the Session is still existing?
PS C:\FreePBXToJira> Get-JiraSession
Username WebSession
-------- ----------
XX Microsoft.PowerShell.Commands.WebRequestSession
I tried this before and after the scheduled Task and the Session is always available for me, but not for the Task-Scheduler

At least I found a solution, which makes it possible to run the Script via Task-Scheduler. Instead of using the saved session, I create a new session every time. The drawback is, that I have to put my credentials in the script
$secpasswd = ConvertTo-SecureString "myPassword" -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ("myUsername", $secpasswd)
New-JiraSession -Credential $mycreds

Related

Powershell Start-Process with Credentials runs forever

I have an issue with the start-process command in Powershell, when using the -credentials parameter the Powershell_ISE is running forever, it never finishes.
The issue seems to be on one server though, so when i run it on this specific server (Windows Server 2016) the Powershell_ISE runs forever and i cannot stop it, then it just gets stuck in stopping mode.
When i run the exact same lines in Powershell_ISE on another server, it runs without any issues.
On the server im having the issue on, i have tried to use a newly created account to be sure its not a profile related issue.
I have set the executionpolicy to unrestricted.
And yes i run the Powershell_ISE as an administrator.
Set-ExecutionPolicy Unrestricted
$username = "DOMAIN\USERNAME"
$password = "PASSWORD"
$Password = ConvertTo-SecureString “$password” -AsPlainText -Force
$Credentials = New-Object System.Management.Automation.PSCredential ($username, $Password)
Start-Process Notepad.exe -Credential $Credentials
The usage of Notepad.exe is just something im using for testing, i use this function in another matter, but it doesnt work with any process.
I have to use this server for this function, and its because this server is hosting a RDS Tool in IIS in production.
Does anyone have any idea what might cause this?

How to store local administrator username and password in powershell script

I am creating a PowerShell script that a user can just run to edit an entry in registry. My problem is that I cannot figure out how to store local admin username and password in the same script so that the user can just double click the script and run it without having to enter username and password manually.
Here is my code:
$username = "testpc\administrator"
$pasword = get-content C:\Users\test1\documents\testpassword.txt
$credential = new-object -typename system.management.automation.pscredential -argumentlist $username, $password
This does not work at all. Please let me know what I am doing wrong here.
Usually I'd ask for an error, but in this case I'll advise different, just because your approach isn't acceptable.
Don't store passwords unencrpted in script. Never.
Don't store passwords encrypted in scripts, which are meant to be read by someone else, especially not a user with less privileges. Never!
Go, figure other ways to solve your problem. Always!
In this case I see two solutions with the given information:
change the ACL for the registry key that need to be changed by the user
Create a scheduled task which runs as SYSTEM. Make sure the user cannot edit the script.
Actually #vrdse is right.
you can create the script with the KEY as parameter and:
create a scheduled job with the credentials of your user and add the script as task.
give the user the right to execute the job but NOT to edit or to delete
give a shortcut to the scheduled job (or a runner script) to the user and make a how-to document to show him,/her how the parameter should be used.
I use clear text passwords as temporary testing stuff to make sure users CANNOT use my script (so it is exactly the opposite of your action).
You can capture credential during execution:
$cred = get-gredential -message 'This script needs a real admin user'
Enter-PSSession -Credential $cred -ComputerName 127.0.0.127
You can build a credential (do not store privileged user data):
$user = 'SuchAGreatDomainName\IAmLowPrivilegedUserName'
$Password = 'SuperSecretPassEverybodyKnows'
$secpassword = ConvertTo-SecureString $Password -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential($user, $secpassword)
Invoke-RestMethod -Uri $Uri -Credential $Credential

How to connect PowerShell with CRM online?

I am writing a PowerShell script where it needs to be connected to CRM online.
I can connect to CRM using Connect-CrmOnline where it asks for credentials using a login box. I want to automate it. Please guide on how to do it.
Is there a way to connect using connection string? Please share sample code/ script. I am new to PowerShell.
I am using Microsoft.Xrm.Data.PowerShell
Thank you.
You can build a credentials object and use that in the script. For example:
$secpasswd = ConvertTo-SecureString "PlainTextPassword" -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ("username", $secpasswd)
You would then use it within your script with -credential $mycreds parameter
Ref: https://blogs.msdn.microsoft.com/koteshb/2010/02/12/powershell-how-to-create-a-pscredential-object/ and https://learn.microsoft.com/en-us/dynamics365/customer-engagement/developer/xrm-tooling/use-powershell-cmdlets-xrm-tooling-connect

Prevent the need to use Login-AzureRmVm before being able to stop the VM

Before I can the command Stop-AzureRmVM I need to use Login-AzureRmVm and enter my login credentials every time.
I want to prevent this.
Is there any way how I can prevent the need to login to use (most of) PowerShell commands in an Azure VM ?
You will need to log in every time, but you can avoid the interactive login process by providing the credentials. I believe you don't want the popup for the login and want it to happen non-interactively and fully automated way. You can use below code:
$secpasswd = ConvertTo-SecureString “YourPass” -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential (“YourUser”, $secpasswd)
Login-AzureRmAccount -Credential $mycreds
You will need to log in using Org account instead of live id. Refer: go.microsoft.com/fwlink/?linkid=331007&clcid=0x409
You can also have this 3 line script auto execute when the PowerShell starts.

How do I execute a powershell script under a specified credential without a prompt?

I'm writing an 'Action Script' in VMWare AppDirector 'AppD' which installs MS Dynamics. (My action script is actually a powershell script). The way this works is that AppD will execute a powershell script on a newly deployed server, using a builtin administrator account. This script is one of the last steps in a highly orchestrated deployment. At this stage my SQL server has been deployed, the databases loaded, and I'm performing the final deployment.
When I run my script logged in as myself, everything works great. But of course that's executing under 'mydomain\myusername' which has access to the SQL server etc. However, when AppD executes this script under a local builtin account, it doesn't have the credentials needed by setup to authenticate against SQL, and make proper connections for install to succeed.
My first attempt was to just call a script, that invokes my actual deployment script, so I can pass credentials;
$user = "mydomain\myusername"
$pword = ConvertTo-SecureString -String "mypassword" -AsPlainText -Force
$credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $pword
Invoke-Command -FilePath "C:\Scripts\DeployAOS.ps1" -Credential $credential -Computer localhost
This looked like it might have worked, but when reviewing the install log I see the following error;
2015-03-09 13:15:19Z Property DbSqlServer set to: 'SQLSERVER001'
2015-03-09 13:15:23Z Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
My original DeployAOS.ps1 script contains this line, which kicks off the install;
# Perform AOS Installation
Start-Process -FilePath $exeAOSSetup -ArgumentList $cfgAOS -Wait
I have also tried just modifying my DeployAOS.ps1 to set the 'System.Management.Automation.PSCredential' object w\ Username\Password, and doing something like this;
# Perform AOS Installation
Start-Process -FilePath $exeAOSSetup -ArgumentList $cfgAOS -Credential $credentials -Wait
And it really didn't like that. It feels like the AOS setup needs to be executed under a domain user, that has access to the SQL server, and maybe even have a user profile loaded while setup runs (So it can create a desktop shortcut, etc.)
Any ideas how I might go about solving this problem? I'm fairly new to scripting in powershell, so any help would be appreciated.