"请求的注册表访问不允许"当试图运行PowerShell脚本远程机器上使用模拟 [英] "Requested registry access is not allowed" When Attempting to Run PowerShell Script on Remote Machine Using Impersonation

查看:440
本文介绍了"请求的注册表访问不允许"当试图运行PowerShell脚本远程机器上使用模拟的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

这是我第一次尝试从C#应用程序执行的PowerShell脚本。我使用PowerShell的,因为我需要从我执行远程机器上的.exe文件的输出。我能够运行使用WMI在远程机器上的.exe文件,但我无法得到我所需要的输出。

This is the first time I try to execute PowerShell scripts from a C# application. I'm using PowerShell because I need the output from the .exe I'm executing on the remote machine. I was able to run the .exe on the remote machine using WMI, but I couldn't get the output I needed.

在任何情况下,我已经打算在这个过去一天左右,我已经看了各地的网络,并在这里所以对于类似的问题,但似乎无法找出问题。我想从我的远程计算机上的.NET 4.0应用程序运行一个简单的PowerShell命令。下面code,当我运行Visual Studio 2013作为管理员执行罚款:

At any rate, I've been going at this for the past day or so, and I've looked around the web and here at SO for similar issues, but can't seem to figure out the problem. I'm trying to run a simple PowerShell command from my .NET 4.0 application on a remote machine. The following code executes fine when I run Visual Studio 2013 as an administrator:

PowerShell ps = PowerShell.Create();
ps.AddScript(@"Invoke-Command {c:\path\to\file.exe /p} -computername <computerName>");
results = ps.Invoke();

我得到预期的结果。然而,当我运行VS作为一个非管理员,在code似乎执行罚款(无例外),但我回去没有结果。细算了一下周围,我添加模拟如下:

I get the expected results. However, when I run VS as a non-administrator, the code seems to execute fine (no exceptions), but I get no results back. After looking around a bit I added impersonation as follows:

using (var impersonator = new Impersonator("username", "domain", "password"))
{
    PowerShell ps = PowerShell.Create();
    ps.AddScript(@"Invoke-Command {c:\path\to\file.exe /p} -computername <computerName>");
    results = ps.Invoke();
}

不过,ps.Invoke方法启动抛出System.Security.SecurityException - 请求的注册表访问是不允许的这里是堆栈跟踪:

However, the ps.Invoke method starts throwing a System.Security.SecurityException - "Requested registry access is not allowed." Here is the stack trace:

在Microsoft.Win32.RegistryKey.OpenSubKey(字符串名称,布尔可写)      在System.Environment.GetEnvironmentVariable(字符串变量,EnvironmentVariableTarget目标)      在System.Management.Automation.ModuleIntrinsics.GetExpandedEnvironmentVariable(字符串名称,EnvironmentVariableTarget目标)      在System.Management.Automation.ModuleIntrinsics.SetModulePath()      在System.Management.Automation.ModuleIntrinsics..ctor(执行上下文语境)      在System.Management.Automation.ExecutionContext.InitializeCommon(AutomationEngine引擎,PSHost hostInterface)      在System.Management.Automation.ExecutionContext..ctor(AutomationEngine引擎,PSHost hostInterface,RunspaceConfiguration runspaceConfiguration)      在System.Management.Automation.AutomationEngine..ctor(PSHost hostInterface,RunspaceConfiguration runspaceConfiguration,InitialSessionState ISS)      在System.Management.Automation.Runspaces.LocalRunspace.DoOpenHelper()      在System.Management.Automation.Runspaces.LocalRunspace.OpenHelper(布尔syncCall)      在System.Management.Automation.Runspaces.RunspaceBase.CoreOpen(布尔syncCall)      在System.Management.Automation.Runspaces.RunspaceBase.Open()      在System.Management.Automation.PowerShell.Worker.CreateRunspaceIfNeededAndDoWork(运行空间rsToUse,布尔isSync)      在System.Management.Automation.PowerShell.CoreInvokeHelper [TInput,TOutput](PSDataCollection 1的输入,PSDataCollection 1个输出,PSInvocationSettings设置)      在System.Management.Automation.PowerShell.CoreInvoke [TInput,TOutput](PSDataCollection 1的输入,PSDataCollection 1个输出,PSInvocationSettings设置)      在System.Management.Automation.PowerShell.CoreInvoke [TOutput](IEnumerable的输入,输出PSDataCollection`1,PSInvocationSettings设置)      在System.Management.Automation.PowerShell.Invoke(IEnumerable的输入,PSInvocationSettings设置)      在System.Management.Automation.PowerShell.Invoke()

at Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable) at System.Environment.GetEnvironmentVariable(String variable, EnvironmentVariableTarget target) at System.Management.Automation.ModuleIntrinsics.GetExpandedEnvironmentVariable(String name, EnvironmentVariableTarget target) at System.Management.Automation.ModuleIntrinsics.SetModulePath() at System.Management.Automation.ModuleIntrinsics..ctor(ExecutionContext context) at System.Management.Automation.ExecutionContext.InitializeCommon(AutomationEngine engine, PSHost hostInterface) at System.Management.Automation.ExecutionContext..ctor(AutomationEngine engine, PSHost hostInterface, RunspaceConfiguration runspaceConfiguration) at System.Management.Automation.AutomationEngine..ctor(PSHost hostInterface, RunspaceConfiguration runspaceConfiguration, InitialSessionState iss) at System.Management.Automation.Runspaces.LocalRunspace.DoOpenHelper() at System.Management.Automation.Runspaces.LocalRunspace.OpenHelper(Boolean syncCall) at System.Management.Automation.Runspaces.RunspaceBase.CoreOpen(Boolean syncCall) at System.Management.Automation.Runspaces.RunspaceBase.Open() at System.Management.Automation.PowerShell.Worker.CreateRunspaceIfNeededAndDoWork(Runspace rsToUse, Boolean isSync) at System.Management.Automation.PowerShell.CoreInvokeHelper[TInput,TOutput](PSDataCollection1 input, PSDataCollection1 output, PSInvocationSettings settings) at System.Management.Automation.PowerShell.CoreInvoke[TInput,TOutput](PSDataCollection1 input, PSDataCollection1 output, PSInvocationSettings settings) at System.Management.Automation.PowerShell.CoreInvoke[TOutput](IEnumerable input, PSDataCollection`1 output, PSInvocationSettings settings) at System.Management.Automation.PowerShell.Invoke(IEnumerable input, PSInvocationSettings settings) at System.Management.Automation.PowerShell.Invoke()

我不知道为什么我得到当管理员帐户我跑的访问注册表,不仅对我的机器,但对整个企业的机器SecurityException异常。而且我甚至不能确定哪个注册表它在获取例外,我的机器或远程机器。

I'm not sure why I'm getting the SecurityException when the administrator account I'm running as has access to the registry, not only on my machine but on machines across the enterprise. And I'm not even sure which registry it's getting the exception on, my machine or the remote machine.

推荐答案

冒充之前创建的基本运行空间为您PowerShell的对象:

Create the underlying RunSpace for your PowerShell object before impersonating:

PowerShell ps = PowerShell.Create();
Runspace runspace = RunspaceFactory.CreateRunspace();
runspace.Open();
powerShell.Runspace = runspace;

using (var impersonator = new Impersonator("username", "domain", "password"))
{
    ps.AddScript(@"Invoke-Command {c:\path\to\file.exe /p} -computername <computerName>");
    results = ps.Invoke();
}
runspace.Close()

的运行空间对象封装的脚本执行的操作系统环境。被访问的关键可能是HKCU \环境。这就是我所看到的用rel="nofollow">性能监视器

The RunSpace object encapsulates the OS environment for script execution. the key being accessed is probably HKCU\Environment. That is what I saw when using Perfmon. RunSpace probably uses the HKCU\Environment to populate variables such as $PATH.

因此​​,在创建运行空间时,你想让它当前用户有权访问HKCU \环境。

Therefore, when the RunSpace is created, you want it the current user to have access to HKCU\Environment.

拉​​动是其他地方一劈为避免注册表访问问题的。但是,仅仅创造了PowerShell的对象不保证Runspace.Open()被调用。

Pulling RunSpace.Open of the impersonated block is mentioned elsewhere as a hack for avoiding the registry access problem. However, merely creating the PowerShell object does not guarantee that the Runspace.Open() is called.

这篇关于&QUOT;请求的注册表访问不允许&QUOT;当试图运行PowerShell脚本远程机器上使用模拟的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
C#/.NET最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆