I am looking to run an exe from powershell using a credential. I want the output to be in the same window. This is how my powershell looks.
Start-Process documentation: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.management/start-process?view=powershell-6
$username = 'user'
$password = 'password'
$credentials = New-Object System.Management.Automation.PSCredential -ArgumentList #($username,(ConvertTo-SecureString -String $password -AsPlainText -Force))
$pathNew = "c:\pathtomyexe\text.exe"
Start-Process $pathNew -NoNewWindow -Credential ($credentials) -PassThru -Wait
With -Credential ($credentials) a new window is launched.
When I run Start-Process without -Credential, I get result in the same window as expected.
Start-Process $pathNew -NoNewWindow -PassThru -Wait
What am I doing wrong? Any pointers?
Short answer, you aren't doing anything wrong. You just won't be able to do this.
When you run Start-Process -NoNewWindow without -Credential you say: with the current already authenticated credentials, run the executable, and return the results within the same console window.
When you run Start-Process with -Credential the first question is: how do you verify that the Credentials are valid? You can't just look at the username and assume that you can re-use the existing session (e.g. the password might be wrong). To validate the credentials, Start-Process launches a new process as the username/password provided in the Credential object. It performs an authentication check and get a new authentication ticket.
Since it's a new process, running under a completely new context, with new authentication ticket, it ignores the -NoNewWindow flag as there is no way for the current console to redirect the output of the new process, and launches it as a new window.
Related
I want to set registry keys in a PowerShell script but the script has to be executed as the logged in User and only the part where registry keys are set need to run with administrator privileges.
This is what i got yet, unfortunately it is not working:
#Run ScriptBlock as admin
$username = ".\admin"
$password = ConvertTo-SecureString "adminpassword" -AsPlainText -Force
$credential = [pscredential]::new($username,$password)
Start-Process -WindowStyle Hidden -FilePath "powershell" -Credential $credential - ArgumentList '-noprofile -command &{$ScriptBlock -verb runas}'
Is there a better way to do it? I'm really new into scripting.
Thanks a lot!
I have a script that runs as SYSTEM, if i try to start-process notepad.exe it's working fine. if i add -credentials $cred it shows Access Denied. The credentials i pass over has local admin access, so why is there Access Denied? with procmon on powershell.exe i can not identify any access denied operation, i can see that powershell access notepad.exe with success result.
any ideas?
in one forum-post I read that it's not possible to execute a command with -credentials as SYSTEM. is that so?
if so, is there any workaround?
to my background, i use a software distribution where any installation runs as SYSTEM, from there i want to execute a powershell script as different user.
i found a solution:
$secpasswd = ConvertTo-SecureString 'password' -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ('domain\user', $secpasswd)
Invoke-Command -ScriptBlock { Start-Process powershell c:\temp\mmc.ps1 -verb runas -wait} -ComputerName localhost -Credential $mycreds -Verbose
its not exactly what i want because here you need to enable psremoting first. but its like a workaround.
any idea how this is possible without invoke-command would be appreciated
what I'm trying to do is add a user to the local admin group then launch a program with those credentials. I have the first part working:
$env:COMPUTERNAME
$srvgroup = [ADSI]("WinNT://"+$env:COMPUTERNAME+"/Administrators, Group")
$srvgroup.name
$srvgroup.add("WinNT://userID,user")
$srvgroup.Invoke("Members") | foreach {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}
The second part is what I can't seem to get working correctly.
Start-Process runas.exe -Credential DOMAIN\user -ArgumentList '-noprofile -command & "C:\Program Files (x86)\Misc\SecureClient" -verb runas}'
I don't get an error message but the program does not start. I should get a popup window for the application but nothing happens when I try it this way.
Any ideas?
DOMAIN\user is not a full credential. You need to do something like this:
$passwd = ConvertTo-SecureString "opensesame" -Force -AsPlainText
$cred = new-object pscredential 'Domain\user',$passwd
Start-Process -Credential $cred ...
I ended up doing it like, don't really like it but it works:
start-process "cmd.exe" "/c D:\Scripts\client_connect.cmd"
that .cmd file is:
C:\Windows\System32\runas.exe /savecred /user:domain\username"C:\Program Files (x86)\xxx\xxx\sclient.cmd"
I have a script, that determines a userid; once I have that userid, I want to run a script block against that userid using different credentials. Is this possible? Can anyone show me examples of this?
I got it, thanks to Trevor Sullivan for pointing me in the right direction. I ended up just putting my second ps1 file into a scriptblock, and running it as a job, and passing it the arguments from the main script, like this
$job = Start-Job -scriptblock {
param ($username)
some code to run against the variable that was passed in
} -Args $target -credential $Cred
$target being the variable I want to pass to my scriptblock.
$username being the parameter that the scriptblock accepts Thanks.
I know this was answered a long time ago, but I thought I'd add another option for those looking that returns data without having to retrieve it.
We can create a helper script that creates a pscredential and then uses it to start a local PSSession to run a script or scriptblock in a different user's context. You need to get the user password from somewhere, preferably entered as a secure string or retrieved from a Key Vault, but for the example our helper script will take it as a string parameter.
Script contents:
param ([string]$username,[string]$password)
$Username = 'username#domain.com'
$Password = ConvertTo-SecureString -String $password -AsPlainText -Force
$Credential = New-Object -Type PSCredential($Username,$Password)
$Session = New-PSSession -Credential $Credential
Invoke-Command -Session $Session -FilePath C:\Path\to\some\script.ps1
You can also use -ScriptBlock instead of -FilePath if you have a simple chunk of code to run or you have converted a script to a script block.
Hope this helps somebody out!
Security context for a session is established when the session is initialized. You can't arbitrarily run commands under a different context within the session. To run under a different security context (set of credentials) you'll need to initialize a new session under those credentials and run it there.
If you look at the help for Invoke-Command, you'll note that the -Credential parameter is only valid in parameter sets that specify a remote session by computername, uri, or session. You can also use -credential with Start-Job, which will run the command in a new session on the local machine.
This code will launch PowerShell in Administrator mode using the credentials provided and then run the code in the script block. There might be others ways but this works for me.
$account= # AD account
$password = # AD user password
$passwordSecure = ConvertTo-SecureString ($password) -AsPlainText -Force
$Cred = New-Object System.Management.Automation.PSCredential ($account, $passwordSecure)
$ScriptBlock = {
whoami
start-sleep 3
}
# Run PowerShell as Administrator with Custom Crednetails
start-Process powershell.exe -Credential $Cred -ArgumentList "-Command Start-Process powershell.exe -Verb Runas -ArgumentList '-Command $ScriptBlock'" -Wait
I am getting the following error when trying to execute a line of code
Start-Process : This command cannot be executed due to the error:
Access is denied.
This is the code being executed
$username = "domain\username"
$passwordPlainText = "password"
$password = ConvertTo-SecureString "$passwordPlainText" -asplaintext -force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -argumentlist $username,$password
$powershellArguments = "D:\path\ps.script.ps1", "arg1", "arg2", "arg3", "arg4"
Start-Process "powershell.exe" -credential $cred -ArgumentList $powershellArguments -wait
This code works fine when executed locally, but not when called via vbs WMI
Both computers exist in the same domain and address range
The username and password supplied have admin privileges on both machines
I have tried both with and without -wait however neither works, and due to the user being privileged, I'd prefer to keep it
Q: Have you tried without the "-wait"?
Look at this link:
http://social.technet.microsoft.com/Forums/en-US/winserverpowershell/thread/3983a1e4-a663-47df-86f6-874d1828ea61/
The parameter "-wait" suppresses the command prompt or retains the
window until the process completes. This operation may require
administrator rights.