Start-Process as another user with Credentials and ArgumentList - powershell

I am currently facing the issue of running an .exe as another user. I followed the documentation and all the given suggestion in the internet, but still cannot run it successfully as another user with arguments.
Need some advise on how to resolve this. I am using powershell v4. Much help appreciated. Thank you.
$username = 'wintel\approveduser'
$password = 'password123'
$securePassword = ConvertTo-SecureString $password -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential $username, $securePassword
Start-Process -FilePath D:\testing\CICD.exe -Credential $credential -ArgumentList "-i -b CICDbranch -m Release -r -f $currentPath\Release\export.zip" -RedirectStandardOutput ".\stdout.txt"

Related

Cant use -Credential when using "Start-Process" in Powershell

I want to execute a .exe File with the Start-Process Command while using specific credentials.
However I cant get it to work for me:
$username = "<Domain\Username>"
$password = "<Password>"
$secPassword = ConvertTo-SecureString $password -AsPlainText -Force
$credentialps = New-Object System.Management.Automation.PSCredential ($username, $secPassword)
Start-Process -FilePath "<path to exe>\Test.exe" -Credential $credentialps -NoNewWindow -ArgumentList "<Arguments>"
This outputs the following error:
Start-Process : This command cannot be run due to the error: The parameter is incorrect.
I Also tried just using $credential = Get-Credential, this gives you back an PSCredentials Object, but it gave me the same error.
What am I doing wrong? Sorry if something's missing, Iam new to Powershell :)
Edit: After removing the Credentials parameter the script runs perfectly, so there shouldnt be a problem regarding the FilePath or Argumentlist.

Running powershell script fails on windows server salve

I have the below code which runs from Jenkins on windows server 2019 slave:
$Username = $args[0]
$Password = $args[1]
$Env = $args[2]
$pass = ConvertTo-SecureString -AsPlainText $Password -Force
$Cred = New-Object System.Management.Automation.PSCredential -ArgumentList $Username,$pass
echo "******** Start SQL Deploy ********"
Start-Process -FilePath msbuild -ArgumentList '"Database Services\Database Services.sqlproj"','/t:deploy', '/p:Configuration=Release', '/p:TargetConnectionString=$Env', '/p:BlockOnPossibleDataLoss=True', '/p:TargetDatabase="test_fsdb"','-fl','-flp:logfile=msbuild.log' -wait -LoadUserProfile -credential $cred
Get-Content msbuild.log
echo "******** End SQL Deploy ********"
The parameters comes form Jenkinsfile. I'm using applicative user.
The error is:
Start-Process : This command cannot be run due to the error: The service cannot be started, either because it is
disabled or because it has no enabled devices associated with it.
I was able to run it locally, so I wonder if it's kind of permission issue on the salve...

Jenkins Deployment - Powershell SCP Script

Good evening,
I'm trying to write a Powershell script that will connect to a remote server via SCP and upload or download files/folders. Ultimately this is the script that I would like Jenkins to run.
So far I'm using Posh-SSH and having good success. The only issue is, no matter what I have tried so far, it will always prompt me for my credentials. This, obviously, makes it not entirely automatic.
I have attached a few things I've tried. Hopefully someone can help me out with this!
The basic command I'm testing with:
get-scpfolder -computername '111.111.111.111' -credential $credential
-remotefile "/var/myFolder" -localfile 'C:\Users\Me\destFolder'
Again, this works, but it requires me to enter my credentials.
I saw this command online:
$Password = "pass"
$User = "admin"
$ComputerName = "111.111.111.111"
$Command = "get-scpfolder -computername $ComputerName -credential $Credentials -localfolder 'C:\Users\Me' -remotefolder '/var/destFolder"
$secpasswd = ConvertTo-SecureString $Password -AsPlainText -Force
$Credentials = New-Object System.Management.Automation.PSCredential($User, $secpasswd)
$SessionID = New-SSHSession -ComputerName $ComputerName -Credential $Credentials #Connect Over SSH
Invoke-SSHCommand -Index $sessionid.sessionid -Command $Command # Invoke Command Over SSH
However this returns ExitStatus 1 and nothing happens. I have tried a few variations of the $Command including the credentials or not, for example, and I can't get any of it to work.

How to pass Windows credential in a PowerShell script?

I am writing a PS script to open a URL automatically in a Chrome browser. I created a credential object and pass it to Start-Process as below.
$username = Read-Host 'What is your username?'
$password = Read-Host 'What is your password?' -AsSecureString
$credentials = New-Object System.Management.Automation.PSCredential -ArgumentList #($username,(ConvertTo-SecureString -String $password -AsPlainText -Force))
Start-Process -FilePath Chrome -ArgumentList $url -Credential $credentials
I expect the Chrome browser to be opened with the URL using the credential object. But it's throwing the error as below.
Start-Process : This command cannot be executed due to the error: Logon failure: unknown user name or bad password.
Note: The URL works fine if I pass the Windows security credentials to the URL manually, therefore my credentials are good. Feel something is wrong in passing the Windows security credentials. Not sure what's wrong.
$userName = "Pandiyan"
$secpasswd = ConvertTo-SecureString "mypasswordiscool" -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential -ArgumentList $username, $secpasswd
$url = "localhost/atomicscope"
Start-Process -FilePath "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -ArgumentList $url -Credential $mycreds
You should also specify the path to chrome and try this again. Instead of readhost provide the credentials directly and it should fire chrome right away. If there is a user waiting to be typing in the console its fine. Else there's no use of automating this with powershell
You already read the password as a secure string, so you don't need to do that again when creating the credential object. ConvertTo-SecureString would only be required if $password contained a plaintext password.
This will do what you want:
$credentials = New-Object Management.Automation.PSCredential $username, $password

How to run Start-Process in Powershell using user credentials?

I've got a Windows service (Jenkins) that runs a script which needs to run a command as a specific user.
I tried to do this but it doesn't work:
$secpasswd = ConvertTo-SecureString "myPassword" -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential("DOMAIN\myUsername", $secpasswd)
$Arguments = #()
$Arguments += "-Command"
$Arguments += "pwd"
$Arguments += ">"
$Arguments += "output.txt"
Start-Process powershell.exe -ArgumentList $Arguments -Credential $mycreds -NoNewWindow -WorkingDirectory $workingDir
Start-Sleep 2
Get-Content "$workingDir\output.txt"
I get this output:
Start-Process : This command cannot be executed due to the error: Access is denied.
At C:\Windows\TEMP\hudson2382859596554223918.ps1:32 char:14
+ Start-Process <<<< powershell.exe -ArgumentList $Arguments -Credential $mycreds -NoNewWindow -WorkingDirectory $workingDir
+ CategoryInfo : InvalidOperation: (:) [Start-Process], InvalidOperationException
+ FullyQualifiedErrorId : InvalidOperationException,Microsoft.PowerShell.Commands.StartProcessCommand
Now if I remove -Credential $mycreds it works fine. The reason why there is that Start-Sleep at the end is that I removed the -Wait after reading this question on SO.
Am I missing something here?
$username = "username"
$password = "password"
$credentials = New-Object System.Management.Automation.PSCredential -ArgumentList #($username,(ConvertTo-SecureString -String $password -AsPlainText -Force))
Start-Process dnscrypt-proxy.exe -WorkingDirectory path_here -Credential ($credentials)
--from powershell forums; i searched for this same solution just a couple days ago and this worked. hope it helps you.
Source: http://powershell.com/cs/forums/t/9502.aspx
Finally found the solution: by default, Jenkins is run as a service log on as the "Local System account". To change this launch the services application (type "services" in the start menu), look for Jenkins, double click on it and go to the "Log On" tab.
You should now see what account the service is using. Change to "This account" and fill in your account details and voila!
For the record the command I was originally trying to run works fine now, without having to add any of the "changing user" things on top.
Special thanks to #Poorkenny that put me on the correct track with his comment, THANK YOU! Stackoverflow rocks! (that moment when thanks to someone you just solved an issue that took you the whole day to figure it out...)