3

Hello!

In our environment we have separate domain admins accounts for security reasons. I have a powershell script to create an account and sync it with aad, assign o365 license etc., etc. which should be run as domain admin. But html file inside this script should be printed on non-privileged account's printer(not remotely; I use the same PC)

I have 2 accounts:

admin@mydomain.com - this is my domain admin account

user@mydomain.com - this is my account it has no privileges in the domain and i am logged to pc with this account

Script run as admin@mydomain.com i need to print file to user@mydomain.com default printer.

$print_body | Out-File "C:\temp\$name $surname.html" 
$word = New-Object -comObject Word.Application
$word.documents.add("C:\temp\$name $surname.html") > $null
$word.PrintOut()

I would like "C:\temp\$name $surname.html" to be printed on my current user's (user@mydomain.com) default printer. Now, script prints file to admin@mydomain.com default printer (which is "Save to PDF"), script prompts the location to save the file.

This is my first question so I beg your pardon if it's stupid or unclear.

2 B
  • 114
  • 1
  • 12
  • You could make a scheduled task that runs as user@mydomain.com which prints and you could have your script trigger that task. – BenH Dec 08 '17 at 15:31
  • You're going to run into issues with user permissions if your user account is not privileged to read the word document. – Maximilian Burszley Dec 08 '17 at 15:49
  • you can get the default printer from the registry https://stackoverflow.com/questions/20639541/get-default-printer-remotely – Guenther Schmitz Dec 08 '17 at 17:50

1 Answers1

0

First of all, I want to thank all of you, your help is much appreciated.

Unfortunately, I couldn't achieve my goal using any comment. The solution below is a workaround, but I couldn't do it better.

Here's how I achieved my goal:

Since script should be run as admin but I am logged in as user, I have created small script(Script 1), which will prompt for admin credentials, run another script which creates user(Script 2), and as soon as user created(script is finished), run another script which prints HTML file(script 3). So it's kind of script which runs scripts :)

Picture below explains logic.

enter image description here

Script 1 body: 

do {
    try{#prompt for credentials
        $cred = Get-Credential -Message "Please provide your admin account details"

        #start Script 2 with those credentials
        $create_user = Start-Process powershell -Credential $username -ArgumentList "C:\temp\powershell\GUI.PS1" -PassThru
        $correct = $true
        }
    catch{"Wrong Credentials"}
}until($correct -eq $true)

    #wait for script 2 to finish
$create_user.WaitForExit()

#Start script 3 (Print HTML file).
Start-Process powershell -ArgumentList "C:\temp\powershell\Print_Welcome_Sheet.ps1" -NoNewWindow

Script 2 body is more than 600 string so I'll only paste part related to this question:

$print_body | Out-File "C:\temp\Powershell\new_user.html"

Script 3 body:

    #if html file exists - print it
    if (test-path "C:\temp\Powershell\new_user.html") {

    #Create new word application insance
    $word = New-Object -comObject Word.Application

    #load file
    $word.documents.add("C:\temp\Powershell\new_user.html") > $null

    #print file to default printer
    $word.PrintOut()
    #wait for 3 seconds and remove html file
    Start-Sleep -Seconds 3 
    Remove-Item "C:\temp\Powershell\new_user.html"
    }
   #if file doesn't exist do nothing
   else {}

This approach is a workaround, but it does exactly what I wanted to be done.

2 B
  • 114
  • 1
  • 12