以具有提升权限的另一个用户身份运行的 Powershell [英] Powershell running as a another user with elevated privileges
问题描述
我在 C:\setup 中有两个脚本:script.ps1 和 script1.ps1.
I have two scripts located in C:\setup: script.ps1 and script1.ps1.
我希望能够以另一个用户的身份使用 script.ps1 并以提升的权限运行 script1.ps1,但我无法使其工作.新的 powershell 窗口打开但立即关闭...
I want to be able to run the script1.ps1 from withing script.ps1 as another user and with elevated privileges but I cannot make it work. The new powershell window opens but closes immediately ...
这里是脚本:
$cspath = $MyInvocation.MyCommand.Path
$sfolder = Split-Path $cspath
$spath = Join-Path $sfolder "\Script1.ps1"
$sa = "domain\user"
$sap = "userpassword"
$sasp = ConvertTo-SecureString -String $sap -AsPlainText -Force
$sac = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $sa, $sasp
Start-Process $PSHOME\powershell.exe `
-Credential $sac `
-ArgumentList "-Command Start-Process $PSHOME\powershell.exe -ArgumentList `"'$spath'`" -Verb Runas" -Wait
任何帮助将不胜感激...
Any help will be appreciated ...
推荐答案
看来您可能需要调整 powershell.exe
的参数.您应该使用 -File
参数,而不是使用我认为无效的 -ArgumentList
.此外,您还需要使用 -ExecutionPolicy Bypass
参数来确保脚本执行策略不会干扰.
It looks like you might need to adjust your parameters for powershell.exe
. Instead of using -ArgumentList
, which I don't think is valid, you should use the -File
parameter. Also, you will want to use the -ExecutionPolicy Bypass
parameter to ensure that the script execution policy is not interfering.
最后,我建议删除脚本路径周围的单引号,因为 Windows 命令解释器不理解将参数括起来的单引号.
Finally, I would recommend removing the single quotes from around the script path, as the Windows command interpreter does not understand single quotes to surround parameters.
试试这个:
$ArgumentList = '-Command Start-Process -FilePath $PSHOME\powershell.exe -ArgumentList "-ExecutionPolicy Bypass -File \"{0}\"" -Verb Runas' -f $sPath;
Start-Process $PSHOME\powershell.exe `
-Credential $sac `
-ArgumentList $ArgumentList -Wait
更新
这里似乎也有一些引用规则在起作用,因为我们将一个命令嵌入到另一个命令中.我在 PowerShell v4.0 上编写并测试了一个功能齐全的脚本.
Update
It seems that some quoting rules were at play here as well, since we are embedding one command inside of another. I wrote and tested a fully function script on PowerShell v4.0.
内容如下:
# Create test directory and script file
[void](New-Item -Path c:\test -ItemType Directory -Force);
Set-Content -Path c:\test\test1.ps1 -Value 'Add-Content -Path $PSScriptRoot\blah.txt -Value (Get-Date);';
# Get credential and define script path
$Credential = Get-Credential;
$ScriptPath = 'c:\test\test1.ps1';
# Define the command line arguments
$ArgumentList = 'Start-Process -FilePath powershell.exe -ArgumentList \"-ExecutionPolicy Bypass -File "{0}"\" -Verb Runas' -f $ScriptPath;
Start-Process -FilePath powershell.exe `
-Credential $Credential `
-ArgumentList $ArgumentList -Wait -NoNewWindow;
我可以确认我得到了一个 UAC 提示,并且目标脚本成功执行.
I can confirm that I get a UAC prompt, and the target script successfully executes.
这篇关于以具有提升权限的另一个用户身份运行的 Powershell的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!