I am a very newbie to powershell.
I just learnt scripting hello world in power shell.
But, I have a task which i need to complete.
From my hello world powershell (Say 'Script One') , I want to call another powershell (say 'Script Two'), which I am able to do.
But in Script Two, I want to pass different credentials.
So Script One should call Script Two with the credentials I mention.
Can anyone please help me up.
Script One (My first script script) :
Write-Host “Hello, World!”
invoke-expression -Command "C:\Scripts\Script Two.ps1" **[BUT CALL WITH THE CREDENTIALS I WANT]**
Try this in your first script :
$credential = New-Object System.Management.Automation.PsCredential("OTHERLOGIN", (ConvertTo-SecureString "OTHERPASSOWRD" -AsPlainText -Force))
Start-Process powershell.exe -Credential $credential -NoNewWindow -ArgumentList "-File 'C:\Scripts\Script Two.ps1'"
But storing credendials in a script is a bad habit, so you could use this instead (will prompt you for login/password for the second script) :
$credential = Get-Credential
Related
So I have been spinning my wheels on this one. I'm creating a small application in powershell gui that needs to run a .bat by passing credentials inputted from a textbox. What I have been trying to figure out is how pass these credentials when a button is clicked on the GUI.
I have two boxes on the GUI where the user passes there credentials.
$userTextBox.Text
$passwordTextBox.Text
Then when the button is clicked the .bat file needs to runas user\password. This below is more like psuedo code because I'm not sure how to do this at this point. I have looked online and on safari books but I can not find an example. I did find one but it was doing something different and I did not understand it.
$StartButton.Add_Click({Start-Process
runas $userTextBox.Text\$passwordTextBox.Textc:\temp\Scripts\MapCopyTuner.bat
})
Any help is much appreciate, as you can tell I'm very green here.
You would need to convert the username\password as PSCredential, and pass it to Start-Process
Here is a sample powershell snippet (you can make this less verbose this by inlining variables if you wish).
$password= convertto-securestring $passwordTextBox.Text -asplaintext –force
$credential = new-object -typename System.Management.Automation.PSCredential -argumentlist $userTextBox.Text,$password
$script = "c:\temp\Scripts\MapCopyTuner.bat"
Start-Process powershell -Credential $credential -ArgumentList "-noprofile -command &{Start-Process $script -verb runas}"
I have a powershell script and from inside this, i want to run a batch script as differend user.
That means i have a AD service user account and with this i must run the batch script.
It must work like a scheduled task in windows, where you can run it as differend user without store the password.
Now the question is how i can run the batch script from inside a powershell script with the service user and don't need to store the password in the Powershell script?
i have tried this:
Start-Process -Credentil "Domain\Account" -FilePath "CMD.exe" -Argumentlist "/c C:\myScript.cmd"
The result is that a window pops up where i must typ in the password for the service user.
Can any one help me with this?
Thank you and best regards,
Nico
You need to register system scheduler task with credentials or store password in the script:
$credentials = New-Object System.Management.Automation.PSCredential -ArgumentList #($username,(ConvertTo-SecureString -String $password -AsPlainText -Force))
Start-Process -Credential $credentials -FilePath "cmd.exe"
I am trying to run a powershell script from another powershell script passing in the credentials of a different user and then using the credentials:
Start-Process powershell.exe -Credential "LON\my-user" -NoNewWindow -ArgumentList "-file C:\DevopsScripts\stuckApps.ps1"
I have this is numerous different ways all get the same error. I have tried setting the username and password before the command:
$username = "LON\my-user"
$password = "pass"
$PSS = ConvertTo-SecureString $password -AsPlainText -Force
$cred = new-object system.management.automation.PSCredential $username,$PSS
$env:USERNAME
Start-Process powershell.exe -Credential $cred -NoNewWindow -ArgumentList "-file C:\DevopsScripts\stuckApps.ps1"
But everything I try gets the error:
Start-Process : This command cannot be run due to the error: The user name or password is incorrect.
I know the username and password are correct as they have been tested on the cmd which it works fine:
C:\Users\ADM-me>runas /noprofile /user:LON\my-user"powershell.exe C:\DevopsScripts\stuckApps.ps1"
What am I doing wrong here and how could I fix this, preferably by setting the password beforehand, so this can be automated. Also this does not need to be done using Start-Process, just this is the closest thing I could find to working.
I think the problem I am having is this, in stuck apps it has this:
$conn = New-Object System.Data.SqlClient.SqlConnection
$conn.ConnectionString = "Server = mssql.co.uk; Database = mydata; Integrated Security = true;"
$conn.Open()
I need this to run the credentials that I am trying to pass through it or else I get this error.
`Exception calling "Open" with "0" argument(s): "Login failed. The login is from an untrusted domain and cannot be used with Windows authentication."
But I can't pass the credentials through as the only ones that work are admin ones, (which I have but then that will throw the error above). Is it possible for me to use the admin logins to access stuck apps then use the logins needed to connect on stuck apps as an AD login.
Your first attempt with -Credential "LON\my-user" can't work, but your second attempt is correct, building the object of class PSCredential, as required (see the type in Get-Help Start-Process -Parameter Credential, it is PSCredential and not String). I tried the same with some reused code here, and it works here both or CMD and PS1 calling a PS1 test script via Powershell.exe, using a local test account (sorry, no domain #home).
So even though my code ist not identical and the domain of the user is the local machine, the approach is the same compared to yours and - sorry that this does not solve your problem - I don't see that you are doing sth. wrong.
To play safe, please make sure though to test with the same Powershell version, the below scripts executed under W10 1607 (so Powershell 5.1.14393.1198), all scripts in the same directory.
testscript.ps1
write-host "Testscript is run with user: $($env:USERNAME)"
Start-Sleep 2
testrun.cmd
runas /noprofile /user:%COMPUTERNAME%\myaccount "powershell.exe -NoProfile -ExecutionPolicy ByPass -file %~dp0testscript.ps1"
testrun.ps1
$Username = "$($env:COMPUTERNAME)\myaccount"
$Password = 'mypassword'
$SecurePassword = ConvertTo-SecureString -String $Password -AsPlainText -Force
$ScriptFile = Join-Path -Path $PSScriptRoot -ChildPath 'testscript.ps1'
$Credential = New-Object System.Management.Automation.PSCredential( $Username, $SecurePassword)
$StartOpts = #{ 'FilePath' = 'powershell.exe'
'Credential' = $Credential
'NoNewWindow' = $false
'ArgumentList' = #( '-f', $ScriptFile,
'-ExecutionPolicy', 'Bypass',
'-NoProfile'
)
}
Start-Process #StartOpts
Some remarks on testrun.ps1
Don't mind the parameters for Start-Process being passed as a hashtable, it's just better readable for me, otherwise it makes not difference
The ArgumentList is being passed as a string array here - I prefer it this way so that it is automatically taken care for double qouting parameters, e.g. when the pathname of the script directory would contain spaces
The parameter -NoNewWindow passed to Start-Process seems not to have any effect here - a new window is opened
I always recommend to add the parameters -Noprofile and -ExecutionPolicy Bypass when using Powershell.exe to launch scripts or execute commands, just to make sure it works despite of the Execution Policy set or any present user or machine profile scripts.
However, at least the parameter -NoProfile seems not to work the same when Powershell.exe is being called fom the above CMD or PS1. Called from PS1, my machine profile gets nevertheless executed, but not fom CMD... interesting! The MSDN: PowerShell.exe Command-Line Help just says about this parameter: "Does not load the Windows PowerShell profile." Funny! There are six of them, see Technet: Understanding the Six PowerShell Profiles. I use "Current User, Current Host – console" and "All Users, Current Host – console". Lesson learned, but I am not sure if it's a bug or a feature.
I can't wrap my head around this at all. I have a powershell script that works fine as long as the user has admin rights, because it is moving data to a NAS share that requires write permissions. My issue is I am putting the script in the GPO Startup process. So I need to run the powershell script as another user.
Do I somehow add the new user credentals inside the script itself, or use another process to runas the other user?
I've tried creating another .ps1 script to start the original script, but it didn't work.
I really want to be able to do this in the original script that's doing all the work.
$username = 'domain\user'
$password = 'password'
$cred = New-Object System.Management.Automation.PSCredential -ArgumentList #($username,(ConvertTo-SecureString -String $password -AsPlainText -Force))
Start-Process -FilePath D:\Scripts\Monitor.ps1 -ComputerName localhost -Credential $cred
and I've tried:
Start-Process -FilePath D:\Scripts\Monitor.ps1 -ComputerName (NAS IP Address) -Credential $cred
This works fine inside a powershell script, so how do I get this to run as another user?
& D:\Scripts\monitor.ps1
We have decided to run this as a task under task scheduler at boot up run by a service account that has all the correct permissions. Not what I really wanted but it does work
So I have been spinning my wheels on this one. I'm creating a small application in powershell gui that needs to run a .bat by passing credentials inputted from a textbox. What I have been trying to figure out is how pass these credentials when a button is clicked on the GUI.
I have two boxes on the GUI where the user passes there credentials.
$userTextBox.Text
$passwordTextBox.Text
Then when the button is clicked the .bat file needs to runas user\password. This below is more like psuedo code because I'm not sure how to do this at this point. I have looked online and on safari books but I can not find an example. I did find one but it was doing something different and I did not understand it.
$StartButton.Add_Click({Start-Process
runas $userTextBox.Text\$passwordTextBox.Textc:\temp\Scripts\MapCopyTuner.bat
})
Any help is much appreciate, as you can tell I'm very green here.
You would need to convert the username\password as PSCredential, and pass it to Start-Process
Here is a sample powershell snippet (you can make this less verbose this by inlining variables if you wish).
$password= convertto-securestring $passwordTextBox.Text -asplaintext –force
$credential = new-object -typename System.Management.Automation.PSCredential -argumentlist $userTextBox.Text,$password
$script = "c:\temp\Scripts\MapCopyTuner.bat"
Start-Process powershell -Credential $credential -ArgumentList "-noprofile -command &{Start-Process $script -verb runas}"