Hello,
I am wondering if someone can explain ( Please share ), and possibly give references ( Preferred ) to different types of credentials needed /used when executing PowerShell scripts.
I'm working on a Powershell script with a GUI. The computers are domain joined. I have 3 accounts: Standard User, Workstation admin, and a 3rd that is used for more 3rd party tools: RSA admin, Crashplan , McAfee console, etc...
I have not been able to find information on best practices on credential use.
I want the script to run in 2 modes: Remote or Local. Nearly all script tasks are all run on a domain-joined workstation ( Post imaging customization). There are some tasks that that are getting info from AD or adding a workstation admin account, etc... but most are customization changes.
I've found 2 different methods: Using my workstation admin credential, or some other bypass mode documentation.
At the beginning of script I need reasonably high level access,
might need to set allow RDP but usually it's set
allow pssremote
set execution policy remote signed or bypass mode
Get /Set AD related items
then at end of script I want to revert back to all original security settings.
I 'm also a bit confused about running script with my credentials or somehow switching as logged in user and using elevation to make the changes needed. I say this because I tried several methods of running the script and depending of what section of the script it is running the changes do not take effect.
Sorry for the long post, it's my first one, lol, i'll keep em' shorter in the future if possible.
Please clarify Credential Levels for running scripts
Forum rules
Do not post any licensing information in this forum.
Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
Do not post any licensing information in this forum.
Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
-
shiroscout
- Posts: 41
- Last visit: Sat Jul 15, 2023 7:13 pm
Re: Please clarify Credential Levels for running scripts
There is really no simple way to answer your question. All answers are dependent on the script you are using.
There is no way in PowerShell to "switch credentials".
You can use "Invoke-Command", "Start-Process" and "Start-Job" to run code with alternate credentials.
There is no way to avoid the UAE prompt.
My best suggestions are to take the time to learn Windows Security and PowerShell. Once you understand both to a reasonable depth the answers to your questions will become obvious.
Again. We can answer your question for a specific script. It is impossible to answer for all conditions.
There is no way in PowerShell to "switch credentials".
You can use "Invoke-Command", "Start-Process" and "Start-Job" to run code with alternate credentials.
There is no way to avoid the UAE prompt.
My best suggestions are to take the time to learn Windows Security and PowerShell. Once you understand both to a reasonable depth the answers to your questions will become obvious.
Again. We can answer your question for a specific script. It is impossible to answer for all conditions.
-
shiroscout
- Posts: 41
- Last visit: Sat Jul 15, 2023 7:13 pm
Re: Please clarify Credential Levels for running scripts
Hello,
Alright. Thank you for the quick reply.
I'll check out those other commands you mentioned to try and get a better understanding of those.
Thank You,
Wayne
Alright. Thank you for the quick reply.
I'll check out those other commands you mentioned to try and get a better understanding of those.
Thank You,
Wayne
Thank You,
Wayne
Wayne