
Run code block locally as a different user in powershell script

This is something incredibly simple, but I just can't get anything to work. I want to run a block of code in a PowerShell script under a specific user. The keyword is locally, and I'm using PowerShell 2.0.

Invoke-Command seems to require a remote host? I run the following and the error message that I see seems to suggest as much:

$strScriptUser = "DOMAIN\USER"
$strPass = "PASSWERD"
$PSS = ConvertTo-SecureString $strPass -AsPlainText -Force
$cred = new-object system.management.automation.PSCredential $strScriptUser,$PSS
Invoke-Command -ComputerName "." -scriptblock {
write-output "HI!"
} -Credential $cred

Start-Job with -ScriptBlock isn't supported with PowerShell 2.0? I run the following and the error message that I see seems to suggest as much:

$strScriptUser = "DOMAIN\USER"
$strPass = "PASSWERD"
$PSS = ConvertTo-SecureString $strPass -AsPlainText -Force
$cred = new-object system.management.automation.PSCredential $strScriptUser,$PSS
Start-Job -ScriptBlock {
write-output "HI!"
} -Credential $cred

Am I doing something wrong, or is there an alternative way?

Added: Here is what I'm trying to do in the first place. I'm making a scheduled task that runs when a user logs into/unlocks a terminal that writes logon information to a file. The scheduled task runs as the local user in order to get at the username, profile, etc. information. The logon information is then written to a log file using a different user account, which is the only account that can modify the file. To deter access to the logon credentials in the script I convert the script to an EXE using PS2EXE.

wrieedx asked Sep 01 '14 07:09


1 Answer

Here is another way.

# Get the other user's credentials
$credential = Get-Credential

# Execute a scriptblock as another user
$commands = @'
    $env:username
    # ... more commands ...
'@
Start-Process -FilePath Powershell -LoadUserProfile -Credential $credential -ArgumentList '-Command', $commands

# Execute a file as another user 
$script = '.\path\name.ps1'
Start-Process -FilePath Powershell -LoadUserProfile -Credential $credential -ArgumentList '-File', $script

With the -LoadUserProfile switch, this has the added benefit of creating the user's profile if it does not already exist.

Nathan Hartley answered Sep 22 '22 13:09
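
The following is an added example, not part of the answer above: it wraps the same Start-Process -Credential approach in a hypothetical helper, Invoke-AsUser, that passes the script block with -EncodedCommand and returns what the other user's process wrote to standard output. It prompts with Get-Credential instead of keeping a plaintext password in the script; the function name, parameter names and the choice of working directory are assumptions made for the example.

```powershell
# Added example. Invoke-AsUser and its parameters are hypothetical names.
function Invoke-AsUser {
    param(
        [Parameter(Mandatory = $true)]
        [System.Management.Automation.PSCredential] $Credential,

        [Parameter(Mandatory = $true)]
        [scriptblock] $ScriptBlock
    )

    # powershell.exe -EncodedCommand expects Base64 of the UTF-16LE command
    # text, so multi-line blocks and embedded quotes need no escaping.
    $bytes   = [System.Text.Encoding]::Unicode.GetBytes($ScriptBlock.ToString())
    $encoded = [Convert]::ToBase64String($bytes)

    # Temporary file that receives the child's standard output.
    $outFile = [System.IO.Path]::GetTempFileName()

    try {
        # Assumption: the target account may not be able to access the
        # caller's current directory, so start in one every account can read.
        $proc = Start-Process -FilePath 'powershell.exe' `
            -ArgumentList '-NoProfile', '-NonInteractive', '-EncodedCommand', $encoded `
            -Credential $Credential -LoadUserProfile `
            -WorkingDirectory $env:SystemRoot `
            -RedirectStandardOutput $outFile `
            -PassThru

        # Block until the other user's process has finished writing.
        $proc.WaitForExit()

        # Return the captured output lines to the caller.
        Get-Content -Path $outFile
    }
    finally {
        Remove-Item -Path $outFile -ErrorAction SilentlyContinue
    }
}

# Prompt for the other account; nothing secret is stored in the script.
$credential = Get-Credential
Invoke-AsUser -Credential $credential -ScriptBlock {
    $env:USERNAME
    $env:USERPROFILE
}
```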