I have this setup with a GPO to run as a logon script, obviously to map a drive for clients.
net use H: \\server1\share\$env:username
Dead simple. If I put in a specific username in place of the variable then it works. Also, if I run this script directly on a client machine it works.
Do you get an error? Does it helps if you wrap the path in double quotes?
"\\server1\share\$env:username"
That should work with or without the quotation marks. Are the clients all Windows 7? I believe that Powershell logon/startup scripts don't work on earlier versions, even if you have Powershell installed, because it's an add-on rather than a native shell. If you're using downlevel clients, you can invoke the powershell script from a cmd batch file. But if you're going to do that, might as well skip Powershell and just run net use H:\\server1\share\%username% from your batch file.
Run this in a .bat file as a login script (use a FQDN for the server name):
net use H: \\server.example.com\share\%USERNAME%
If that not works, your GPO is just not yet applied. You can force that by running on the machine gpupdate /force.
For testing make sure that the GPO is applied to the right OU to the group "Authenticated Users" (computers are in the group too). And if that is not working, you can also "Enforce" the GPO. Don't forget to do a gpupdate /force after any change to the GPO or it settings.
You can also try a .js logon script like:
var WSH = new ActiveXObject("WScript.Shell");
// Map share
WSH.Run("net use H: \\\\server.example.com\\share");
Related
Is there a was for a Powershell script to be launched from Scheduler and run full ISE window and close when done.
I am using ZeeDrive to map a SharePoint Drive but running the Script in Scheduler, it cannot see the Drive. Yet if I open in ISE and run, it finds it fine. What I got back from ThinkScape :
'Zee Drive needs to run in a Windows session. It is designed for end users – if it is running as a service, or “headless” i.e. no Windows session, or being accessed from a different Windows session it won’t work.
We don’t support Zee Drive running as a service or for service type workloads – it is designed for end users working with documents'.
Any help would be greatly appreciated.
Thanks
The only way I can think of, would be to add your script to the Microsoft.PowerShellISE_profile.ps1 and then start ISE with the scheduler and your file as parameter, like this:
powershell_ise .\Check-Process.ps1
In your profile you would want to make sure, that the script only runs, when you open that file:
if($psISE.PowerShellTabs.Files.FullPath -eq '\\fileserver\path$\to\my\Powershell\Check-Process.ps1')
{
& '\\fileserver\path$\to\my\Powershell\Check-Process.ps1'
}
But be carefull! The script runs now everytime you open it in ISE unless you use the switch -noprofile.
So far I did not find a way to close the ISE window with the profile script.
I am trying to run a specific command line function in my PowerShell script. The catch is the command needs elevated permissions to be able to execute.
Here is a condensed example:
# PowerShell code...
query session /server:"SERVERNAME" #NEEDS ELEVATED PERMISSIONS
# More PowerShell code
The query command needs to be run under elevated permissions.
I have tried the following:
Invoke-Command -ScriptBlock {
query session /server:"SERVERNAME"
} -Credential get-credential
But this doesn't work because the -ComputerName parameter needs to be present when using a -Credential parameter. I want to be able to run this without using a remote server.
I know I can get around it by having the users start up PowerShell under their elevated account credentials, but I'd rather just prompt for credentials while the script runs and just run that single command under their administrator account credentials. Everything else the script does is fine under normal credentials.
There are some add-ins for PowerShell, but I actually found the simplest way was to:
Sysinternals in regular command line
With the PSexec process, you can pass IP address, usermame, and password
Fiddle with it to a point you're happy
Create a batch file to then run from PowerShell if that is the desired deploy to environment
When creating the method, have it consume parameters if you want the call out to be dynamic and consume different usernames/passwords/IP addresses to log into
If the exec will always run on "computerA" using "loginA" and "pwA" then there is obviously no need to parameterize
*Sysinternals cannot be used to outright hack a terminal. The user of a remote exec must first have the same Sysinternals tools installed to the system that is to accept remote executables, that tool must be opened once and given GUI-based approval to allow run on said system must be physically addressed.
Note: Any remote PSexec's using credentials will execute with the same level of permissions that the provided username/password is granted on that system.
Here is the link: (PsExec v2.2). Although I recommend going a level or two up and downloading the entire toolbox.
I’m in the process of creating a powershell script to check OU users against users already configured for file share archiving but I’ve hit a stumbling block. I can query AD to get a list of users per OU and their home directories, dumping all of the details out to text files for logs and basing subsequent queries on. Once I have these details I try to run a dos command, (Enterprise Vault) Archivepoints.exe passing variables to it. The command would usually be :
Archivepoints.exe find \\fopserver045v\ouone_users$
When I try to run the following code I get an error.
$app="D:\Enterprise Vault\ArchivePoints.exe"
$EVArg = "find"
$VolLine = "\\fopserver045v\ouone_users_r$"
Invoke-Item "$app $EVArg $VolLine"
Invoke-Item : Cannot find path 'D:\Enterprise Vault\ArchivePoints.exe find \fopserver045v\ouone_users_r$' because it does not exist.
At first I thought it was missing the first backslash of the UNC path that was causing the issue but I'm no longer sure.
The script and command run on the EV server and the UNC bath doesn't actually go to the server, it's only a reference path within EV so it's not a credentials issue.
I need to be able to log the output to file too if possible.
What should the code look like and should I be using invoke-command or Invoke-Expression instead ?
Thanks
Don't use Invoke-Item. External commands should be run using the call operator (&). You can use splatting for the argument list.
$app="D:\Enterprise Vault\ArchivePoints.exe"
$arguments = "find", "\\fopserver045v\ouone_users_r$"
& $app #arguments
I have modified a script to standardise our organisations signatures in Outlook. The script uses a Word document as a template for the signature and extracts user details from the Active Directory info on our SBS 2003 server.
I am logged in as a Domain Admin and the script works ok for my Outlook signature (there are a couple of errors but it creates the 3x outlook signature files that I need). I can't get it to run on any other computer (but this is the only one with Powershell installed) nor will it run for any other user on this computer.
I would really like to be able to run the script from each workstation. This would be easy if it was a batch file, but it won't work as a powershell script. Do I need to install Powershell on every workstation or is there a simpler way to get it to work?
Also,
I wonder if there is a problem with the script that is not allowing other users to run it from this computer (even with Powershell installed).
Cheers,
Greg
Yes, you need Powershell installed on every machine where you want the script to run. It's included with OS on everything from Server 2008 and Windows 7, but otherwise you'll need to install Powershell manually.
You will also have to enable remote scripting on each machine, since this is disabled by default (for security reasons). Take a look at the following help pages for information and instructions on how to set up:
Get-Help about_remote
Get-Help about_remote_FAQ
Get-Help about_remote_requirements
Get-Help about_remote_troubleshooting
If you want to use PowerShell remotely you will need to install it. If you don't want to do that you could look at psexec - that's one of Sys Internals great tools. It will enable you to run commands\scripts remotely.
I have a different suggestion. Could you generate these signature files for your employees on your machine and then push the signatures out to all the other machines?
I need to know if it is possible to run powershell remotely in the following scenario:
I have a Windows XP box WITHOUT Powershell installed. From this box, I would like to run a PS script located somewhere like: \\mypc\C$\Scripts\information.ps1.
The script should be run against the machine where it resides. In this case, the “mypc” machine would be running the script and returning the result to the XP machine.
What makes this difficult is the fact that I cannot install Powershell or any third party apps on the Windows XP machine.
It’s a long shot but would this be doable?
Thanks!
While you can't actually run the script on the local machine without PS installed there, depending on what you want to actually accomplish you may be able to run it locally and simply access the remote resources. Most of a machine's resources are typically available remotely (File System, Registry, WMI, etc.) depending on the security on the machine.
EDIT: Now that my complete misunderstanding of the issue is cleared up, my answer would be: No, you do not need to have Powershell installed on a local machine to run a script on a remote machine that does have Powershell installed. Just use PSExec to kick off the Powershell process on the remote machine. I realize that the OP cannot install 3rd party apps, but there is absolutely no install associated with PSExec, it is a completely stand alone exe.
It has been a while since I had to do this so I did a quick check. This at the command line worked for me:
psexec \\REMOTEMACHINE "C:\Windows\system32\WindowsPowershell\v1.0\powershell.exe" -File C:\temp\test.ps1 -NoProfile -NonInteractive
You need to have Powershell installed. This isn't possible :(. Sorry.
Using Psexec is the only way I can think of too. However, if you are using PSexec.exe using alternate credentials, the credentials are passed over the network in plaintext. Something to be wary about if your network is visible to other people.