I am experiencing below issue when I run the batch script as administrator. When I
ran the same script normally, there were no issues.
Please share some thoughts on this issue.
snapshot of the error
When you run as administrator, the user session changes from your user session to one based in %SystemRoot%\System32. What you need to do is get the path of the current invocation of your Powershell script and make it the path of your build1.ps1 script:
$ScriptPath = Split-Path $MyInvocation.InvocationName
& "$ScriptPath\build1.ps1" -Target prepare-qa
This way, regardless of user, the script is executed in the proper location.
When you open powershell as a user, the default directory is C:\Users\MyName.
When you open powershell as an admin, the default directory is C:\WINDOWS\System32.
In your script, try using Set-Location C:\Users\myusername or where ever your script is located. Or, fully qualify the script's path.
Related
We have a batch file that certain users can launch from their local machines that will run a PowerShell script on a DC in order to unlock user accounts or reset a password. However, all of a sudden it's not working, not even for network admins running it as an administrator. If we log on to the DC and run it locally, it works exactly as it should.
There haven't been any changes to the permissions of the file and no changes to the AD groups that have permission to run the file.
The batch file is this:
#echo off
cls
echo Loading, Please Wait...
;C:\Windows\System32\WindowsPowerShell\v1.0\Powershell.exe -ExecutionPolicy Bypass -File %logonserver%\<PATH TO FILE>\FILENAME.ps1
Same batch file that it's always been, but now when we run it remotely, we get multiple errors:
The term 'Get-ADGroupMember' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
Locally, it runs just fine. And yes, the first thing the PowerShell script does is
Import-Module ActiveDirectory -ErrorAction SilentlyContinue
As I said, it used to work but now it doesn't and we're completely lost as to why. We've searched and searched, but can't seem to find any information as to what might be causing it to error out.
If anyone has any ideas or suggestions, we would appreciate it.
Discovered that RSAT wasn't on any of the machines anymore. It required downloading the installer and running it on the machines. Once we did that, everything works like it should.
This is Intune related but could probably apply outside the scope of Intune as well.
I wrote a PowerShell script that downloads a folder from an Azure blob storage and extracts the content. Within the extracted folder is another PowerShell script that I want to run.
The PowerShell script is deployed in Intune and runs successfully all the way up to the point where the second PowerShell script runs. From the log, it's running into a permission issue.
Scripts deployed through Intune are ran as administrator/system and don't require any local policy change to allow the execution of PowerShell scripts on the device. However on the device, the user account is only a standard user so they don't have permissions to execute PowerShell scripts. In the first script, I've included the "Set-ExclusionPolicy Bypass" command already.
I need to be able to deploy the script from Intune to the local device and essential run another script as the local user (non administrator account). I thought maybe I needed the local user to be included in the local administrators group to be able to run the second script but that did not work either.
Also read somewhere that PowerShell can run PowerShell scripts from other PowerShell scripts directly. The only time you need Start-Process for that is when you want to run the called script with elevated privileges (which isn't necessary here, since your parent script is already running elevated).
^^^Is this my issue? My script does include "Start-Process" to run the next powershell script.
Script below for reference.
New-Item -Path "C:\IT Drivers" -ItemType Directory ;
Invoke-WebRequest - Uri 'https://xyz.zip' -OutFile "C:\xyz.zip" ;
Expand-Archive -Path "C:\xyz.zip" -DestinationPath "C:\";
Set-ExclusionPolicy Bypass ;
Start-Sleep -Seconds 30 ;
Start-Process powershell "C:\xyz.ps1"
Any guidance would be appreciated, thank you!
just for understanding this.
I want to open my Powershell in a certain folder. As I didn´t find out how, I tried to put a batch file with just "cd ....." in it in the default folder where PowerShell opens.
When I execute the batch, though, I end up where I started from.
It seems that the batch gets excuted in a subshell which doesn´t affect the Parentshell.
How can I execute the stuff in the batchfile in parentshell ?
Thanks in advance!
You cannot. Batch files are executed by cmd, not PowerShell, so there will always be a new process for them.
With a PowerShell script you can use dot-sourcing
. Script.ps1
To execute the script in your current scope, which is most similar to how batch files are executed by cmd by default.
If you want to open your Powershell in a certain folder, you can set that up in your Powershell profile. In Powershell, type $profile and that will give you the location of your profile file. Edit that file and use Set-Location:
Set-Location 'C:\Some\Place'
Powershell will execute whatever is in your profile script every time you open a new Powershell session.
I'm trying to have powershell create a folder for me and it works fine when I type it into the console. However, when I run the same command as a script, no folder is created and no error messages are supplied.
This is the line of code I am using.
new-item - path c:\test\ -name testfolder -itemtype directory
edit: I am on Windows 7
This should be a comment, but I cannot comment. There is definitely nothing wrong with that line of code. It runs on my machine, either from the terminal window or as a script. Because the code works for you at the terminal window but not when executing as a script my first guess is that your system may be configured to disallow powershell scripts. This is the default setting, and it will prevent a script file from executing but will not prevent commands typed at the prompt from working. Open a powershell session and type get-executionpolicy. If it returns "restricted" then you have found the culprit. This setting can be changed by opening an elevated powershell session (run as admin) and typing set-executionpolicy -executionpolicy RemoteSigned. Of course you should read about what those settings mean before changing them to determine what is best for your situation. For example the remotesigned option means that scripts originating from your machine will execute without a trusted signature, but external scripts will require a signature.
I have an powershell script saved in a .cmd file that downloads a file from the web and then unzips it. My azure web role executes it upon startup. This is the script:
powershell -ExecutionPolicy Bypass -c $(New-Object Net.WebClient).DownloadFile('URL.zip', 'FILE.zip') ;
(New-Object -com shell.application).namespace('c:\FOLDER').Copyhere((New-Object -com shell.application).namespace('FILE.zip').items())
When I run the script via Azure startup tasks:
The first part of the script works. The file is downloaded. The second part of the script which unzips does not run.
When I run the script via the command line when remoted into the VM:
The entire script runs.
I therefore know this is not a syntax error. The only difference I can think of between the two cases above is a permissions issue. But, I am running powershell with -ExecutionPolicy set to Bypass, which is the highest permission level. Anybody have any ideas? Thanks!
Change the command so that the output of the command is dumped into a file. Something like this should work
<YOUR_COMMAND> > out.log 2> err.log
Run the task again and checkout the output in the logs.
Also, you are using relative paths rather than absolute ones. The scheduled task probably run with the windows system folder as its working directory, so you may be getting a permissions error from that. Try using an absolute path to a directory you created.