none
Use PSEXEC as system account to run a powershell script RRS feed

  • Question

  • Sorry if this has been asked before?

    Hi, I hope you can help!

    I'm trying to write a script which calls psexec as a system account, then, starts powershell as the system account, which is then supposed to run a PS script to install a VPN profile for always on VPN. I can run type in the command manually, and it works, but when I run the bat file, the script returns an error code of 0, but when checking if the the profile is install... it hasn't?

    The script I've written is below, how can I get this to pass the PS commands into the psexec posershell window??

    @echo off
    .\psexec.exe -i -s PowerShell.exe -command {'.\Add VPN.ps1 -xmlFilePath .\Device Tunnel VPN Profile_RemovedTrafficFilter.xml -ProfileName Test_Device_VPN'}

    Thanks in advance

    Monday, November 12, 2018 2:33 PM

Answers

  • Thanks Steven

    I got it working yesterday, it looks like when launching the bat file as administrator, the working directory is different. So I did the following:

    @echo off
    pushd %~dp0
    set "dir=%CD%"
    .\PsExec.exe -i -s PowerShell.exe -command "&'%dir%\Add VPN.ps1' -xmlFilePath '%dir%\Device Tunnel VPN Profile.xml' -ProfileName 'Test_Device_VPNv1'"

    Considering how short the script is, I can't beleive how long it's taken to get it to work!

    I now have to see how I can modify the profile going forward without having to remove and re-add the profile.


    • Marked as answer by TheWookie5375 Thursday, November 15, 2018 2:13 PM
    • Edited by TheWookie5375 Thursday, November 15, 2018 2:13 PM
    Thursday, November 15, 2018 2:13 PM

All replies

  • Maybe long winded but how about create another batch file that runs psexec as system that then runs the above batch file, so that the batch file runs as system?

    I don't know if it would work or not but I'm thinking it will.

    Thursday, November 15, 2018 2:08 PM
  • Thanks Steven

    I got it working yesterday, it looks like when launching the bat file as administrator, the working directory is different. So I did the following:

    @echo off
    pushd %~dp0
    set "dir=%CD%"
    .\PsExec.exe -i -s PowerShell.exe -command "&'%dir%\Add VPN.ps1' -xmlFilePath '%dir%\Device Tunnel VPN Profile.xml' -ProfileName 'Test_Device_VPNv1'"

    Considering how short the script is, I can't beleive how long it's taken to get it to work!

    I now have to see how I can modify the profile going forward without having to remove and re-add the profile.


    • Marked as answer by TheWookie5375 Thursday, November 15, 2018 2:13 PM
    • Edited by TheWookie5375 Thursday, November 15, 2018 2:13 PM
    Thursday, November 15, 2018 2:13 PM
  • Hate to necro this, but this solution didn't work for me because of the spaces in the file name. In order to get it to work, I edited your solution:

    pushd %~dp0
    set "dir=%CD%"
    .\PsExec.exe -i -s C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell.exe -executionpolicy unrestricted -command "& """"%dir%\VPN_Profile_Device.ps1"""" -xmlFilePath """"%dir%\VPN_Profile.XML"""" -ProfileName aoVPN";

    If your VPN name has spaces, it will also need to be enclosed in 4 double quotes.

    Monday, June 3, 2019 9:26 PM