Powershell with elevated permissions through RunOnce - powershell

I am trying to run a powershell script using the RunOnce registry key. I need it to run as administrator and I can get the script to run but I can't get it to run with elevated permissions. Here is what I have tried but it doesn't do anything.
My code:
%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe -verb runas -File c:\script.ps1
Any Ideas?

Try powershell.exe -executionpolicy unrestricted -file ..... and remove the set-excecution unrestricted line in your script as it won't have any effect. If powershell is able to read that command in your script file, then it means the script is allowed => execution-policy doesn't need to be changed.
Set-ExecutionPolicy is an interactive command, it does not belong in a script(unless running on a remote computer maybe).
Also, if you're trying to execute it with RunOnce, then make sure it's run using the HKLM RunOnce key to make sure it runs in the SYSTEM context(so it has the proper permissions).

Related

Powershell script to create some users and renaming some users is working when executing it within the powershell but not from the batch file

I have a PowerShell script which is used to create some users and to rename some users and its working fine when we execute it within the PowerShell (when PowerShell is running as administrator).
I have some requirements and I have to create simple executable file of this PowerShell script so every user could execute it just by double clicking on it.
For this purpose, I have created a .bat file which will execute the PowerShell script with admin rights but it's not working by double clicking the .bat file.
The .bat file is as under:
PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& {Start-Process PowerShell -ArgumentList '-NoProfile -ExecutionPolicy Bypass -File ""C:\Users\aalih\Desktop\Final\first.ps1""' -Verb RunAs}"
pause
On running the .bat file, I could see the following error in the Event Viewer:
Session "PerfDiag Logger" failed to start with the following error: 0xC0000035
Any help to make this .bat file to run the script would be highly appreciated.

Running a powershell script as administrator and minimized

So I have set up a task on task scheduler to run a .bat file that runs a powershell script as admin which sets the DNS settings. I figured out how to make the .bat file run minimised, but the powershell window still pops up. Here is the script for the .bat file called "SetDNS". The powershell script's name is "DNS.ps1".
#ECHO OFF
SET ThisScriptsDirectory=%~dp0
SET PowerShellScriptPath=%ThisScriptsDirectory%DNS.ps1
PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& {Start-Process PowerShell -ArgumentList '-NoProfile -ExecutionPolicy Bypass -File ""%C:\Users\Test\Downloads\DNS.ps1%""' -Verb RunAs}";
I want to change it so that the powershell script does not flash open while it runs. Is there something that I could add to the above code to make it run minimized? I tried to add "start /min" to the above code but it did not work. Help is appreciated.

Batch file to run PowerShell Script Only Works Once

So I'm trying to create a batch file to run a PowerShell script while bypassing the execution policy. Oddly, it worked a single time, but without me editing anything, it will not run again. I've created other files thinking maybe my file somehow got corrupted, but nothing... Any chance someone sees anything blatantly wrong with this?
#echo off
Powershell.exe -Command "& {Start-Process Powershell.exe -ArgumentList '-ExecutionPolicy Bypass -File %~dp0File.ps1' -Verb RunAs}"
PAUSE
The *.ps1 file works by itself if I click through the prompts. Also, if I manually set the execution policy in PowerShell to Bypass, this batch file still does not work. This is not a process I usually need to take, so I'm curious if anyone sees anything wrong with how this is written?
If this is just to run your script, what I personally do is create a shortcut of the script and then modify the Target of the shortcut:
Target: Powershell.exe -ExecutionPolicy Bypass -File "C:\scriptpath\script.ps1"
If you want your script to be executed as Administrator you can add this to the top of the main script:
$myInvoke="-file `"$($MyInvocation.ScriptName)`""
Start-Process "$PSHome\powershell.exe" -Verb Runas -ArgumentList $myInvoke -EA 'Stop'
If the shortcut will always be in the same folder as your script you can also leave Start In blank and change the path for Powershell.exe -ExecutionPolicy Bypass -File ".\script.ps1" by doing so if you copy the entire folder to a different location, the shortcut will still work.

Powershell Scripts for users

I am trying to distribute a Powershell script for our users to update some files in their roaming profile. The script works fine but I'm hitting the issue where some machines have Powershell scripts disabled.
I am having them download this from a FTP server and run it from their desktop.
Is there a way to allow them to run the script and not have it blocked by Windows?
Thank you!
As an Administrator, you can set the execution policy by typing this into your PowerShell window:
Set-ExecutionPolicy RemoteSigned -Scope CurrentUser
When you are done updating everything, you can set the policy back to its default value with:
Set-ExecutionPolicy Restricted
You can bypass this policy for a single script by adding -ExecutionPolicy Bypass when running powershell
powershell -ExecutionPolicy Bypass -File script.ps1

Run Powershell script in windows Task Scheduler(Windows 7)

Hi I've got a Script and are trying to start it in Task Scheduler.
this poses Two problems for me.
is that the script will activate a Application that requires the GUI to be running and shown. so how can I make Task Scheduler to log in to windows automatically at a specific time. The computer will never/rarely be turned off or rebooted.
2.
I have yet to Successfully start a Powershell script from the Task Scheduler. I've tried Following:
powershell.exe -noexit -executionpolicy bypass -command &'Y:\Run Test\StartPowershellScript.ps1'
And
powershell.exe -noexit -ExecutionPolicy Bypass -File 'Y:\Run Test\StartPowershellScript.ps1'
And a variation of the above.
powershell.exe -noexit -ExecutionPolicy Bypass &'Y:\Run Test\StartPowershellScript.ps1'
and I've tried some variations with and without &"" &'' & and so on.
now I'm not really sure if it can be done. but I hope I can get some help here.
Edit 1.
I just tried the following.
powershell -noexit -ExecutionPolicy Bypass &'Y:\Run Test\StartPowershellScript.ps1'
after I did this in powershell.
set-executionpolicy -scope Process -executionPolicy Unrestricted -force
set-executionpolicy -scope CurrentUser -executionPolicy Unrestricted -force
set-executionpolicy -scope LocalMachine -executionPolicy Unrestricted -force
However How do I make sure that this will persist after the computer has been rebooted ?
Edit 2.
as it seems I can't make Scheduled task log in or unlock the computer, is there Anyway to set up a task to run at a specific time to log in to the computer so the scheduled task can run at this time ?
You can't log into the GUI with a scheduled task. Enable automatic logon if you need an interactive desktop.
Remove -NoExit from the argument list, otherwise PowerShell will keep running after the script completes. Also replace your single quotes with double quotes.
The execution policy is persistent unless it's superseded by a local or group policy (in which case Set-ExecutionPolicy should throw an error) or you're logged in with a temporary profile.
If that doesn't help you need to provide more details. Doesn't the task start at all? Do you get an error? What do the task history and eventlog say? What is the output of Get-ExecutionPolicy?