I am running a PowerShell script remotely via an agent. The agent on the machine runs the PowerShell script as "NT Authority/SYSTEM", but I want to switch to another user on the system and run the PowerShell script.

Below is the code that I used to switch to the "Administrator" account, but I am getting a permission denied error.

$username = "domainname\administrator"
$pw = "XXXXXXXX"
$password = $pw | ConvertTo-SecureString -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential -ArgumentList $username,$password
Start-Process Powershell.exe -Credential $cred  -ArgumentList '-noexit','-File', ' C:\Users\Administrator\test.ps1'

Below is the error I am getting. 
 Start-Process : This command cannot be run due to the error: Access is denied.
user3290656
  • Why do you need to run the script as some other user? – Bill_Stewart Mar 08 '21 at 18:57
  • I am trying to do read and write Excel operations via a PowerShell script remotely on the system. When I run my PowerShell script it runs as NT authority/System and Excel starts with a Sign-In prompt. I am trying to avoid this sign-in by switching to an existing user on the system. – user3290656 Mar 09 '21 at 01:53
  • What are you trying to do with Excel? – Bill_Stewart Mar 09 '21 at 02:09

3 Answers

I had the exact same issue while trying to launch a PowerShell script on my Windows 10 guest from a Linux host, through qemu-guest-agent.

Part of what my script did was launching desktop software and interacting with its GUI.

My problem was solved using PsExec.

My agent command:

virsh -c qemu:///system qemu-agent-command my_domain \
'{"execute": "guest-exec", "arguments": { "path": "cmd.exe", "arg": [ "/c", "c:\\path\\to\\my_psexec_script.cmd" ], "capture-output": true }}'

My PsExec script, in the cmd file:

C:\path\to\PsExec.exe -accepteula \\DESKTOP-NAME -u user -p password -i sessionid powershell.exe -File C:\path\to\powershell_script.ps1

This is not a secure solution since the password is stored within the script.

To get the session id of the user of your choice, use the following command:

query session

The reason I used an intermediary script to launch PsExec was simply because it was easier to do so on my guest rather than entering all the arguments from my agent.

I based my solution on this post

It was also important that my script executed in the foreground.

leas

Try using Invoke-Command like below:

# $credential1 must already hold a credential that is allowed to open the remote session
$remoteSession = New-PSSession RemoteComputername -Credential $credential1
Invoke-Command -Session $remoteSession -ScriptBlock {
    $newcredential = New-Object System.Management.Automation.PsCredential("domain\myuser", (ConvertTo-SecureString "password" -AsPlainText -Force))
    # -ArgumentList needs its leading dash, otherwise it is bound as a positional argument
    Start-Process powershell.exe -Credential $newcredential -ArgumentList '-noexit','-File','C:\Users\Administrator\test.ps1'
}

References:
https://community.idera.com/database-tools/powershell/ask_the_experts/f/powershell_remoting-24/14483/runas-a-different-user-on-a-remote-server

TheGameiswar

Sometimes ConvertTo-SecureString does not work with variables, failing with a "The system cannot find the path specified" error. In my case that happened when I tried to execute my script under "NT AUTHORITY\SYSTEM". And saving a password in a script is not a good idea :) I would suggest executing this in PowerShell:

ConvertTo-SecureString "your-password" -AsPlainText -Force|ConvertFrom-SecureString

The result will look like this (I replaced a portion of it with dots):

01000000d08c9ddf0115d1118c7a00...476ee5cd27619ce72296a774f1400000091265bae2a7d2851f8807a9a9d70a7a6a7e6dc91

After that, in your script:

$password = ConvertTo-SecureString -String "01000000d08c9ddf0115d1118c7a00...476ee5cd27619ce72296a774f1400000091265bae2a7d2851f8807a9a9d70a7a6a7e6dc91"

Hope this will help
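
A string produced by ConvertFrom-SecureString without -Key is protected with DPAPI, so only the same account on the same machine can turn it back into a SecureString; it has to be generated under the account the agent script runs as. The following is an added example, not code from any of the answers, that keeps the protected string in an ACL-restricted file instead of the script body; the file path and both function names are assumptions.

```powershell
# Added example. $BlobPath, Save-ProtectedPassword and Get-StoredCredential are hypothetical names.
$BlobPath = Join-Path $env:ProgramData 'MyAgent\svc-cred.txt'

function Save-ProtectedPassword {
    param([Parameter(Mandatory)][string]$Path)
    # Prompt for the password so the plaintext never appears in a script or in history.
    $secure = Read-Host -Prompt 'Password' -AsSecureString
    $dir = Split-Path -Parent $Path
    if (-not (Test-Path $dir)) { New-Item -ItemType Directory -Path $dir | Out-Null }
    # No -Key: the output is DPAPI-protected for the current account on this machine only.
    $secure | ConvertFrom-SecureString | Set-Content -Path $Path -Encoding ASCII

    # Drop inherited ACEs and leave access only for the account that created the file.
    $me   = [System.Security.Principal.WindowsIdentity]::GetCurrent().User
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($me, 'FullControl', 'Allow')
    $acl  = Get-Acl -Path $Path
    $acl.SetAccessRuleProtection($true, $false)
    $acl.SetAccessRule($rule)
    Set-Acl -Path $Path -AclObject $acl
}

function Get-StoredCredential {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$UserName
    )
    $blob = (Get-Content -Path $Path -Raw).Trim()
    try {
        # Fails if the blob was created by another account or on another machine.
        $secure = ConvertTo-SecureString -String $blob -ErrorAction Stop
    } catch {
        $who = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
        throw "Cannot decrypt '$Path' as $who. Recreate it while running as this account on this machine."
    }
    New-Object System.Management.Automation.PSCredential -ArgumentList $UserName, $secure
}

# Run once, in a session running as the account that will later read the file:
#   Save-ProtectedPassword -Path $BlobPath
# Then, in the agent script:
#   $cred = Get-StoredCredential -Path $BlobPath -UserName 'domainname\administrator'
```

Anyone who can run code as the account that created the file can still recover the password, so this limits exposure of the script file rather than protecting the credential from that account.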