How to call a batch file that is on a server? - powershell

I am trying to script the installation of new computers at my office. I am stuck on one section here:
I need to run this command and I need to run the batch file as an administrator.
start \SERVERNAME\M-Modal\Fluency.Direct.9.1.65.7.6.4.v7\fd.client\install_silent.bat\
how would I change my credentials to tell it to run as an administrator ?
Also, What is the command to call the batch file that is located on this server ?
Thanks,
Andrew

$cred = get-credential
start-process -credential -cred
Enter your admin account in get-credential.
Alternatively
Start-Process -FilePath "x.bat" -Verb runAs
From Example 5 from here: https://technet.microsoft.com/en-us/library/hh849848.aspx
Thanks, Tim.

Related

Run PowerShell script as different user and hidden window from another PowerShell script

I need to run a PowerShell script from another PowerShell script as different user and hidden window.
What do I have so far:
Start-Process powershell '& C:\test.ps1' -WindowStyle Hidden -Credential $cred
where $cred is a PSCredential object. The test.ps1 script is for testing purposes one line with Remove-Item. As I can still see the file not being removed I can tell that the script is not being run.
EDIT
My original intention is to run regedit script but when I was implementing Start-Job answer (below) I've got this error:
Start-Job : The value of the FilePath parameter must be a Windows PowerShell script file. Enter th
e path to a file with a .ps1 file name extension and try the command again.
You could use jobs for this. As the Powershell documentation says
A Windows PowerShell background job runs a command without interacting
with the current session.
PS> $myJob = Start-Job -FilePath C:\test.ps1 -Credential $cred
To get the result/output of the job, use Receive-Job
PS> $myJob | Receive-Job -Keep
You can run the PowerShell scripts through task scheduler. I'm not sure if it is your goal, but it will let you execute PowerShell scripts on a user's session using their credentials.
I'll let you Google the how to, to fit your needs.

Run .bat file with Administrative rights

My PowerShell script runs a .bat file to install an .msu file. But I need to run this .bat file with Administrator rights.
The .bat file is:
WUSA C:\temp\Win8.1AndW2K12R2-KB3191564-x64.msu /quiet /norestart
I have Domain Controller and a lot of clients. With PowerShell PS session I interactively connect to every client. I need to use this bat file with Domain Admin credentials, how can I do this?
You could use Invoke-Command
You could save the servers in list in a text file and then use the Get-Content command to save the array in a variable:
$clients = Get-Content C:\ExampleClientList.txt
Then use the variable for the ComputerName parameter of Invoke-Command. Then in the scriptblock parameter is where you run the command, since you can run executables in PowerShell there isn't any need for the bat file. Last the Credential parameter will allow you run this as the Local administrator.
Invoke-Command -Computername $clients -ScriptBlock {WUSA C:\temp\Win8.1AndW2K12R2-KB3191564-x64.msu /quiet /norestart} -Credential (Get-Credential)
I am not sure i understand your question.
To start batch file from powershell you can use start-proccess command:
powershell start-process <path to your file> -verb RunAs

How to prompt to run EXE as different user in powershell

How would I go about running an EXE as a different user? How could I prompt for credentials or atleast ask for the password for a local admin to launch an exe through powershell. I'm having a hard time getting the runas command to work.
This was the latest thing I tried:
runas -credential .\me c:\windows\system32\notepad.exe
This works in the powershell terminal:
runas /user:asdf c:\windows\system32\notepad.exe but doesn't ask for credentials in a standalone powershell script.
This is a simple operation.
Start-Process "c:\windows\system32\notepad.exe" -Credential $(Get-Credential)
Using Get-Credential will prompt the user for credentials, You can also store it in a variable.
$Creds = Get-Credential
Start-Process "c:\windows\system32\notepad.exe" -Credential $Creds
Try following
Start-Process notepad.exe -Verb RunAsUser
change directory to .exe directory and run below command
runas /netonly /user:<domain\username> .\<app name>

teamcity powershell - unable to run batch file

I've spent quite a bit of time banging my head on this one. A little StackOverflow help please, good folks!
Scenario: We are trying to run a custom .bat file located on the CI server via the TeamCity Powershell step.
When powershell script is run on local box manually, it kicks off .bat file correctly.
When powershell script is run through TeamCity, it successfully 'sees' the .bat file (validated by receiving a 'cannot find file' response when I rename the .bat file it is expecting)
HOWEVER, we have not seen any indication that the .bat file was actually kicked off.
What we've tried:
We've added the 'RedirectStandardOutput' and 'RedirectStandardError' for attempt to diagnose, but although the log file is created, it is returned blank.
We've granted filepath permissions and tried two different credentials including the credential of the TC build agent
Added "-wait" at one point to see if we needed to 'tell' PS to wait on the .bat file.
Two questions...
What is preventing us from running this .bat file?
How do we diagnose issues like this? ATM it is a 'blackbox' to us.
TeamCity Powershell settings:
Powershell Run Mode: Version 1.0; Bitness x64 (tried x86 as well)
Working Directory: Tried as blank, and specific filepath of .bat file (so, 'D:\folder\folder2\')
Script: Source Code
Script Execution: Execute .ps1 from external file (tried with 'Put script into PowerShell stdin with "-Command -" argument' as well)
Add -NoProfile argument (tried both)
Powershell script:
#Predefine necessary information
$Username = "DOMAIN\username"
$Password = "password"
$ComputerName = "CI Build Server Name"
#Create credential object
$SecurePassWord = ConvertTo-SecureString -AsPlainText $Password -Force
$Cred = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $Username, $SecurePassWord
#Start batch file
Start-Process "testbat.bat" -WorkingDirectory D:\file\path\ -Credential ($Cred)-NoNewWindow -RedirectStandardError stderr.txt -RedirectStandardOutput stdout.txt
Write-Host "Executed powershell."
UPDATE 1: If we remove the '-Credential ($Cred)' portion we are able to kick off the testbat.bat file from TeamCity, as expected. The problem must lie with that "-Credential ($Cred)" argument, somehow. Any thoughts?
UPDATE 2: If we set the '-Credential ($Cred)' portion to the credential of the build agent user we are able to kick off the test.bat file from TeamCity. The problem only occurs when we set the credential to a user other than the one running the build agent. This seems to indicate that credential syntax is fine.
UPDATE 3: Tried running with PowerShell executionpolicy set to 'RemoteSigned' and 'Unrestricted'. Problem persists.
UPDATE 4: Gave the BuildAgent user, and the user of whom we want to run this as, full permissions to powershell via 'Set-PSSessionConfiguration'. Problem persists.
$credential = New-Object System.Management.Automation.PsCredential(".\user", (ConvertTo-SecureString "pass" -AsPlainText -Force))
Start-Process powershell -Credential $credential -ArgumentList '-noprofile -command &{Start-Process D:\file\path\test.bat -NoNewWindow -RedirectStandardError stderr.txt -RedirectStandardOutput stdout.txt }'
note:
first i get credential "user" ur user then convert your pass to plain text
then start-process with your credential set
If agent is running as service under Local System account, then it's not possible to run PowerShell under specified account. The workarounds are:
Run agent via command line.
Try to run agent service under another account (not Local System) with administrator rights, probably it will help.
Try RunAs plugin. It provides an ability to run builds under the specified user account.

Start-Process with alternative credential in a remote session

all,
I believe this scenario sounds indeed odd, but I do need your help on this.
First I use
Enter-PSSession -ComputerName myComputerName -Credential domain\user1
to remote to a third machine from my dev machine. I got a prompt like [myComputername]: PS C:\Users\user\. Then I try to Start-Process with another user, say domain\user2. However it failed, although the executable path fed to the Start-Process is full under control of domain\user2. I suppose there is no permission problem on this. For example
Start-Process -FilePath powershell -ArgumentList "-command" & {whoami} "" -Credential domain\user2 -WorkingDirectory workingdirectory
It wouldn't print the domain\user2. And it would if you run this command after remote desktop to the test machine. Anyone knows the root cause and the fix of this?
Thanks & Regards,
Jingfei
I believe you have the dreaded Powershell Remoting Second Hop blues.
http://technet.microsoft.com/en-us/magazine/jj853299.aspx
CredSSP:
http://msdn.microsoft.com/en-us/library/ee309365(v=vs.85).aspx
Delegating credentials to a runspace:
http://www.vinithmenon.com/2012/11/delegated-administration-in-windows.html