I have this simple script on Windows 10, which works fine when just executing, but fails to start notepad when running from task scheduler. Stop-Process works perfectly, Start-Process does not run. When I run it on demand, it closes the notepad and then keeps running without opening notepad, the task does not close also.
Stop-Process -processname notepad
Start-Process "C:\Windows\system32\notepad.exe"
This is how it is configured to run.
Things I have tried, but still does not work.
First of all, I am running under administrator account.
In task schduler, run with highest privileges is checked.
I have tried -ExecutionPolicy Bypass and -ExecutionPolicy RemoteSigned
Under security policy have given my user Logon as batch job permission
Turn UAC off
The application was ran in background. To make it run on foreground, had to check the box Run only when user is logged on.
Related
I have a powershell script that needs to be run as admin to set IP addresses. Then I need to run an application as non-admin. As I understand it, this corresponds to the term "elevated rights".
If I simply double click the .exe from the file explorer (not "run as admin"), the app runs as intended without elevated rights.
I have found several tips online on how to accomplish this, however I haven't succeeded with the following commands in my script:
(from How to run exe with/without elevated privileges from PowerShell)
runas /trustlevel:0x20000 "\..\myApp.exe":
this results in an "Internal error" because access is denied to a certain ".lock" file related to an eclipse workspace.
Second approach:
Start-Process -filepath "\..\myApp.exe" -ArgumentsList "-ExecutionPolicy bypass -Scope CurrentUser"
this runs the application but it's run in elevated state.
EDIT: Third approach:
I tried making a second script from where I run
Start-Process -FilePath "\..\myApp.exe"
which I call from my main script using:
Start-Process PowerShell -ArgumentList '-File ""\..\mySecondScript.ps1""' -Verb open
This results in myApp running with elevated rights when its called from within the main script, but without elevated rights when run on powershell on its own.
So this has me perplexed. We have a Powershell script that calls the following command:
$id = get-rdusersession
When we run the script from the Powershell console everything works just fine. However, when we run this very same script from the Windows Task Scheduler things fail. In the transcript is the following:
get-rdusersession : A Remote Desktop Services deployment does not exist on OurServer.OurDomain.com.
This deployment definitely exists- and the entire scripts runs fine from the Powershell console. I have tried all manner of
-CollectionBroker
to no avail. The scheduled task is set to run as administrator with elevated permissions. also the command parameters
-noprofile -executionpolicy unrestricted -noninteractive
are all set.
Anyone have any idea at all what the problem is?
So I can write a script in Powershell ISE, not save it, and it will run (F5/green arrow on the ISE). Once I save it, I get the error saying I can't run saved scripts. If I open a Powershell window in the directory the saved script exists, I can run it with
powershell -ExecutionPolicy ByPass -File script.ps1
But is there a way I can get this to work when running it via the ISE's green arrow/F5? I don't have admin access to this PC
Edit: Windows 10
Ok so I just found out you can set Execution Policy for yourself (current user) without having admin rights. So if you're coming here from google do this:
Set-ExecutionPolicy -Scope "CurrentUser" -ExecutionPolicy "RemoteSigned"
Also you can run individual script without setting Execution Policy for current user, by passing Execution Policy only for file script.
For example:
Powershell -executionpolicy RemoteSigned -File "C:\scripts\script.ps1"
Very convenient for scheduled tasks in the Windows Task Scheduler to run PowerShell commands (scripts).
That's my addition for google users
I am currently logged into my system as administrator, and run power1.ps1 code to call another power2.ps1 script in elevated mode.
$command = "C:\script\Power2.ps1"
Invoke-Expression $command
power2.ps1 includes the block to run the script with admin privileges, but my problem is I that I get a UAC pop-up dialog asking for confirmation where I have to click on Yes.
Code in Power2.ps1
If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{
$arguments = "& '" + $myinvocation.mycommand.definition + "'"
Start-Process powershell -Verb runAs -ArgumentList $arguments
Break
}
Write-Host "Admin Privilege Code Here"
Is there any way I can completely automate the process? I will not be able to change the UAC access to disable.
Trying to simulate a user's response to a UAC (User Account Control) dialog shouldn't be done - because it defeats the entire purpose of UAC - and most likely cannot be done (if it could be done, that would be a serious bug exploitable by malware and is certainly not something to rely upon; similarly, while it is possible to disable UAC altogether (which itself requires administrative privileges), doing so is strongly discouraged for security reasons).
However, with limitations you can use a scheduled task to bypass UAC for a given command, by calling that scheduled task on demand:
Create an auxiliary scheduled task that invokes your Power2.ps1 script and is configured to run elevated.
In the Task Scheduler (taskschd.msc) UI that means: Run with highest privilege must be checked (tab General) and also Allow task to be run on demand (tab Settings).
The task must be configured to run in the same user account that it will be on-demand invoked from, and that user account must be a member of the Administrators group.
Use Start-ScheduledTask <task-path> (or schtasks.exe /Run /TN <task-path>) to invoke this task on demand, from the same account that the task is configured for, as noted.
Start-ScheduledTask (as well as schtasks.exe /Run) runs asynchronously, so for synchronous invocation more work is needed - see this article.
Note that using -AsJob to return a job whose completion can be waited for with Wait-Job unfortunately appears not to help (as of Windows PowerShell 5.1 / PowerShell 7.2.1): the job is reported as completed before the task's command has terminated.
Also, the task's command invariably runs in a new console window (if the executable invoked is a console application).
I am trying to run the following script upon startup of my machine because I cannot get a service to start on startup. I can schedule it to run. The problem I am facing seems to be a user vs administrator issue.
This is for a Windows 7 machine with PowerShell 4.0.
I have set the execution policy to unrestricted.
When I try to run the script as the User I designated to have administrative privileges I see the following error.
When I right click the powershell icon, run as administrator the command works fine.
The command is
get-service -name "*vmauthd*" |start-service
Is it possible to run this as my user account?
Solution I was able to get this script to run on startup as I initially desired. I turned off UAC and set the execution policy to unrestricted. I am not sure if the UAC was the issue before but the script runs now. I created a cmd file with this in the code. I set the cmd file to run at startup using Windows Task Scheduler and set the task to run whether logged in or not.
PowerShell -Command "Set-ExecutionPolicy Unrestricted"
PowerShell -Command "get-service -name "vmauthd" | start-service"
pause
Here is an image of the cmd file