Menu
I am playing around with setting up some scripts on a vpn on a client's network. This client generally assigns an ActiveDirectory account on their network and use it to manage permissions (eg. to databases). Ok, that makes sense.
But here is something that confuses me:
start-process runas.exe "/user:CLIENTDOMAIN\George.Mauer /netonly W:\tools\LINQPad4\LINQPad.exe
queries for a password and runs just fine (and I can access the database)
But
Start-Process W:\tools\LINQPad4\LINQPad.exe -Credential (Get-Credential)
and entering CLIENTDOMAIN\George.Mauer and my password at the popup prompt always results in an error
Start-Process : This command cannot be run due to the error: The user name or password is incorrect.
Are these not the same thing? What's the difference between runas and -Credential? And a secondary question - how do I Start-Job with my CLIENTDOMAIN\George.Mauer credential?
1000
The Start-Process cmdlet starts one or more processes on the local computer. By default, Start-Process creates a new process that inherits all the environment variables that are defined in the current process.
Step 1: Press the Windows + R keys together to bring up the Run dialog box. Step 2: Type the PowerShell in the box and click OK button. A normal Window PowerShell will launch as a current user. Step 3: Type the command start-process PowerShell -verb runas and press "enter" key.
The Start-Job cmdlet starts a PowerShell background job on the local computer. A PowerShell background job runs a command without interacting with the current session. When you start a background job, a job object returns immediately, even if the job takes an extended time to finish.
You just need to launch the installer from command prompt using runas command and by providing administrator login id and password. Let’s see the syntax of runas command with some examples. The command to launch a program using another user credentials is given below.
The runas command also lets you to save the user’s password to the Windows Credential Manager so that you don’t have to enter it every time. Open the command prompt (or the Run window by pressing Win+R ).
The Verbs property of the ProcessStartInfo object shows that you can use the Open and RunAs verbs with PowerShell.exe, or with any process that runs a .exe file. Both commands start the Windows command interpreter, issuing a dir command on the Program Files folder.
Find the program's main executable in File Explorer. Select it, and then click or tap on the Manage tab from the ribbon. The option you need is displayed in the Run section of Application Tools.
/netonly runs the process as the current user and only network connections are made with the other credentials.
Start-Process will run the process (and all its network connections) with the other credentials. There's no way to achieve the /NETONLY functionality with Start-Process.
You'd have to p/invoke the Win32 API to achieve /NETONLY functionality. If you're up for the exercise this is the API you'll need to use LOGON_NETCREDENTIALS_ONLY with:
http://www.pinvoke.net/default.aspx/advapi32/createprocesswithlogonw.html
More resources:
LOGON_NETCREDENTIALS_ONLYTo run a job as a different user:
Start-Job -ScriptBlock {whoami} -Credential (get-credential) | Wait-Job | Receive-Job
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
