locked
run command as different user RRS feed

  • Question

  • I've been Googling this but I've yet to find exactly what I need.   We use a PowerShell GUI tool that allows us to compile our PowerShell code into an .EXE.  This GUI tool has different buttons that do many different things but its all PowerShell under the covers.   We'd like to add a new button that when pressed will add "computer" to a certain AD Group.   But the users pressing this button don't have rights to add machines to AD groups.    How can you run Add-ADGroupMember as a different user but do NOT prompt for credentials or password?    I've seen a few examples like this  Start-Process powershell.exe -Credential "domain.com\account"  but it prompts for a password.

    Wednesday, March 21, 2018 4:02 PM

Answers

  • Hi,

    thats right. If you use the command

    Start-Process powershell.exe -Credential "domain.com\account" 

    the new Process is started as Domain.com\account but you don´t enter the Password for this account.

    In order to solve your Problem you have to create a new credential Object in your script and use the start-process with this credential object

    $user = "domain.local\user"
    $secPW = ConvertTo-SecureString -String "P@ssw0rd" -AsPlainText -Force
    $cred = New-Object System.Management.Automation.PSCredential($user, $secPW)
    start-process powershell.exe -credential $cred
    
    hope this helps.


    regards Thomas Paetzold visit my blog on: http://sus42.wordpress.com

    • Marked as answer by bellmonster Wednesday, March 21, 2018 4:32 PM
    Wednesday, March 21, 2018 4:30 PM

All replies

  • Hi,

    thats right. If you use the command

    Start-Process powershell.exe -Credential "domain.com\account" 

    the new Process is started as Domain.com\account but you don´t enter the Password for this account.

    In order to solve your Problem you have to create a new credential Object in your script and use the start-process with this credential object

    $user = "domain.local\user"
    $secPW = ConvertTo-SecureString -String "P@ssw0rd" -AsPlainText -Force
    $cred = New-Object System.Management.Automation.PSCredential($user, $secPW)
    start-process powershell.exe -credential $cred
    
    hope this helps.


    regards Thomas Paetzold visit my blog on: http://sus42.wordpress.com

    • Marked as answer by bellmonster Wednesday, March 21, 2018 4:32 PM
    Wednesday, March 21, 2018 4:30 PM
  • very cool !!
    Wednesday, March 21, 2018 4:32 PM