Solved

PowerShell Launching application using different user account failed ?

Posted on 2016-07-28
6
128 Views
Last Modified: 2016-09-21
Hi All,

Due to PCI compliance all WIndows RSAT application and other IT Management tools must be launched by using my own AD admin account.

Since I login using DOMAIN\username how can I create the Powershell script to start the Remote Server Administration Tools for Windows 10 ?

Note, I'm trying to use the below script but it is not working for MMC application.

Start-Process -FilePath "C:\Windows\System32\dsa.msc" -Credential (Get-Credential) -WorkingDirectory "C:\Windows\System32\"

Open in new window


Error Code:
Start-Process : This command cannot be run because the input "C:\Windows\System32\dsa.msc" is not a valid Application.  Give a valid application and run your command again.
At C:\Users\admini\AppData\Local\Temp\dd5b272b-a9e0-448d-8879-71e5f670e144.ps1:4 char:1
+ Start-Process -FilePath "C:\Windows\System32\dsa.msc" -Credential (Ge ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Start-Process], InvalidOperationException
    + FullyQualifiedErrorId : InvalidOperationException,Microsoft.PowerShell.Commands.StartProcessCommand

Open in new window


but it works for Internet Explorer for example:

Start-Process -FilePath "C:\Program Files\Internet Explorer\iexplore.exe" "www.microsoft.com" -Credential (Get-Credential) -WorkingDirectory "C:\Program Files\Internet Explorer\"

Open in new window

0
Comment
  • 2
  • 2
6 Comments
 
LVL 39

Expert Comment

by:Adam Brown
ID: 41733987
If you log into your workstation with your admin credentials, that will let you run RSAT with them. Is there something that keeps you from doing so?

That said, dsa.msc isn't a valid application. It's a snap-in for the MMC. You can try running mmc.exe with the command, or you can use %SystemRoot%\system32\ServerManager.exe to open the server manager UI
1
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 41733988
Hi AC,

I'm logging in using DOMAIN\username but all of those applicaton must be executed using DOMAIN\Admin-Username hence I must perform Right Click and then select Run As..
0
 
LVL 12

Expert Comment

by:Dustin Saunders
ID: 41734153
Hmm, that's a tricky one but I think I have a solution.  Firstly, you need
-Verb runas

Open in new window

But that will fail with different credentials.  So I think the solution is to first launch powershell as the admin user, then run MMC with elevation.  This is working for me on my 2012R2 server.

$call = 'Start-Process -FilePath "C:\Windows\System32\mmc.exe" -ArgumentList "C:\Windows\System32\dsa.msc" -Verb runAs'
Start-Process powershell.exe -NoNewWindow -ArgumentList $call -Credential (Get-Credential)

Open in new window

1
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 41734227
Dustin,

When I execute from my work laptop, I got this error:

Start-Process : This command cannot be run due to the error: The directory name is invalid.
At C:\Users\Admini\AppData\Local\Temp\dd5b272b-a9e0-448d-8879-71e5f670e144.ps1:3 char:1
+ Start-Process powershell.exe -NoNewWindow -ArgumentList $call -Creden ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Start-Process], InvalidOperationException
    + FullyQualifiedErrorId : InvalidOperationException,Microsoft.PowerShell.Commands.StartProcessCommand

Open in new window

0
 
LVL 12

Accepted Solution

by:
Dustin Saunders earned 500 total points
ID: 41734655
Odd, should default the working dir to sys32 but try adding it in:

$call = 'Start-Process -FilePath "C:\Windows\System32\mmc.exe" -ArgumentList "C:\Windows\System32\dsa.msc" -Verb runAs'
Start-Process powershell.exe -NoNewWindow -ArgumentList $call -Credential (Get-Credential) -WorkingDirectory "C:\Windows\System32"

Open in new window

0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
Windows 10 came with  a lot of built in applications, Some organisations leave them there, some will control them using GPO's. This Article is useful for those who do not want to have any applications in their image (example:me).
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question