Hey Guys,
I faced with a problem, then need to run powershell script where is UAC enabled, and Powershell execution policy is set to: restricted, exmp: domain controllers.
Lat's say you need to create scheduled task, which pulls some information with ps script and writes to sysvol folder.
!!!!Access denied-- Access denied-- Access denied-- Access denied-- Access denied-- Access denied!!!!
So what to do:
Create vbs script, which start's Powershell script:
Set oShell = CreateObject("Shell.Application")
oShell.ShellExecute "powershell", "-executionpolicy bypass -file PathToPowershellScript", "", "runas", 1
Add code to your Powershell script:
param([switch]$Elevated)
function Test-Admin {
$currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
$currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
}
if ((Test-Admin) -eq $false) {
if ($elevated)
{
# tried to elevate, did not work, aborting
}
else {
Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))
}
exit
}
'running with full privileges'
----HERE IS YOU PS CODE-----
Create scheduled task:
Cscript yourvbsscript.vbs
Hope it helps
I faced with a problem, then need to run powershell script where is UAC enabled, and Powershell execution policy is set to: restricted, exmp: domain controllers.
Lat's say you need to create scheduled task, which pulls some information with ps script and writes to sysvol folder.
!!!!Access denied-- Access denied-- Access denied-- Access denied-- Access denied-- Access denied!!!!
So what to do:
Create vbs script, which start's Powershell script:
Set oShell = CreateObject("Shell.Application")
oShell.ShellExecute "powershell", "-executionpolicy bypass -file PathToPowershellScript", "", "runas", 1
Add code to your Powershell script:
param([switch]$Elevated)
function Test-Admin {
$currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
$currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
}
if ((Test-Admin) -eq $false) {
if ($elevated)
{
# tried to elevate, did not work, aborting
}
else {
Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))
}
exit
}
'running with full privileges'
----HERE IS YOU PS CODE-----
Create scheduled task:
Cscript yourvbsscript.vbs
Hope it helps