Create credential variable for Powershell script to use

Dear expert

I need help with code below. Script does stop all the service that have name: Apsvx*
Now I have permission problem running this, now I do have a administration rights account, but this code is running in a program that runs using a user rights permission.
However I come up a workaround! If you first create a variable name: $credential with administration rights account login info and below code run as that, then it would work.

Anyone know how to do that?
Thnx  

Get-Service -DisplayName Apsvx* -ComputerName ServerIP | ForEach-Object {
	$result = $_ | Select Name, DisplayName, Status, Result, Error
	Try {
		Stop-Service -InputObject $_ -ErrorAction Stop
		$result.Result = 'STOPPED'
	}Catch {
		$result.Result = 'FAILED' }
}

Open in new window

LVL 1
WeTiAsked:
Who is Participating?
 
Alex Green3rd Line Server SupportCommented:
lol that's what I thought

Create a batch file

put powershell.exe c:\locationofscript

Save as Run.bat or something, you can put that into notepad

Then right click run as administrator.


Or

$credentials = Get-credentials

Get-Service -DisplayName Apsvx* -ComputerName ServerIP | ForEach-Object {
	$result = $_ | Select Name, DisplayName, Status, Result, Error
	Try {
		Stop-Service -InputObject $_ -ErrorAction Stop
		$result.Result = 'STOPPED'
	}Catch {
		$result.Result = 'FAILED' }
}

Open in new window

Cheers
Alex
0
 
KimputerCommented:
Doesn't sound right, to have a user do admin level stuff.
Of course it's possible, but then, try the master/slave method.
Master obviously being the script running in admin mode.
Slave is the user using the program.
What the user is allowed to do, is fire the command. Not the script! just a command you make up. If you don't have a master/slave communication setup, you can change it to, for example, a text file on the server (in a folder with only the rights assigned to this user), with the content being the "password" (just for extra safety).
The master program will either fire immediately (if you have a correctly written filewatcher style program), or is scheduled regularly (means, the user will have to wait a max. of the scheduled interval), and check for this text file, check the password, and fire the REAL script. If you use the text file method, obviously the script ends with deleting this file.
This way, it's all the way secure, no leaking of admin info at all.
0
 
WeTiAuthor Commented:
What? ...
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
Jason CrawfordTransport NinjaCommented:
Personally I think you should just right click run as administrator or run the script through a scheduled task.  However, there is a method for self elevating apparently - https://blogs.msdn.microsoft.com/virtual_pc_guy/2010/09/23/a-self-elevating-powershell-script/
1
 
Alex Green3rd Line Server SupportCommented:
You can't right click and run as administrator on the PS1 script. you have to wrap it in a batch file and then right click and run as admin
0
 
Jason CrawfordTransport NinjaCommented:
I never said to right-click the .ps1 file.  Thank you for pointing that out though.
0
 
Alex Green3rd Line Server SupportCommented:
Nice link though, I quite like that, although not for smaller scripts, I'd just wrap it in a batch file.
0
 
WeTiAuthor Commented:
Alex how do to wrap it in a batch file?
0
 
Alex Green3rd Line Server SupportCommented:
open notepad

put in

 powershell.exe c:\locationofscript

click file,

Save as

Change type to all files

Put in the name

run.bat

Click save

Then right click and run as administrator
0
 
Shaun VermaakTechnical Specialist/DeveloperCommented:
Rather use
powershell.exe -ExecutionPolicy Bypass -File c:\locationofscript\script.ps1

Open in new window

0
 
oBdACommented:
Self-elevating, will only ask if not already running elevated:
If ((& whoami.exe /groups /fo csv | ConvertFrom-Csv | Select-Object -ExpandProperty SID) -notcontains "S-1-16-12288") {
	Start-Process -Verb RunAs -FilePath 'powershell.exe' -ArgumentList '-ExecutionPolicy', 'Bypass', '-NoExit', '-Command', "& '$($MyInvocation.MyCommand.Path)'"
	Exit
}
Get-Service -DisplayName Apsvx* -ComputerName ServerIP | ForEach-Object {
	$result = $_ | Select Name, DisplayName, Status, Result, Error
	Try {
		Stop-Service -InputObject $_ -ErrorAction Stop
		$result.Result = 'STOPPED'
	} Catch {
		$result.Result = 'FAILED' }
}

Open in new window

0
 
WeTiAuthor Commented:
Thanks for all the help, now none of your solutions worked in my case, because the SCOM is not allowing .Net script to control the service on the computer, however I found the workaround to use Run a program and save the script file on the server and call it using a Run Program tool from SCOM this worked. Well sadly I couldn't use the .Net Script tool tho... Anyway, the case is closed and it works well now. Thanks alot all again.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.