Kace - Running PowerShell Script from UNC Path
Kace - Running PowerShell Script from UNC Path
I'm just learning, hoping someone has some insight...
If I run a .ps1 scrip from a UNC path: c:\<path>\powershell.exe -ep bypass -file "\\server\share\<path>\script.ps1"
As the local system, the agent does not appear to have access (permission) to the UNC path. However, If I run it as an account that is an admin on the local machine and has permissions to the UNC path, the script runs, but I get a UAC prompt when that script launches the installer that it's supposed to...
Any Ideas, work-arounds?
Thank you,
Adam
I'm just learning, hoping someone has some insight...
If I run a .ps1 scrip from a UNC path: c:\<path>\powershell.exe -ep bypass -file "\\server\share\<path>\script.ps1"
As the local system, the agent does not appear to have access (permission) to the UNC path. However, If I run it as an account that is an admin on the local machine and has permissions to the UNC path, the script runs, but I get a UAC prompt when that script launches the installer that it's supposed to...
Any Ideas, work-arounds?
Thank you,
Adam
0 Comments
[ + ] Show comments
Answers (2)
Please log in to answer
Posted by:
SMal.tmcc
9 years ago
the agent is running as system so it cannot login.
Solution 1 create a readonly share that everyone has rights to, even non-domain users
Solution 2 add a net use command to map a drive letter in your script with credentails to access the schare and run from the drive and then net use /delete when done
net use k: \\server\share\<path> /user:someuser somepassword
on success
c:\<path>\powershell.exe -ep bypass -file "k:\script.ps1"
net use k: /delete
Solution 1 create a readonly share that everyone has rights to, even non-domain users
Solution 2 add a net use command to map a drive letter in your script with credentails to access the schare and run from the drive and then net use /delete when done
net use k: \\server\share\<path> /user:someuser somepassword
on success
c:\<path>\powershell.exe -ep bypass -file "k:\script.ps1"
net use k: /delete
Posted by:
EdT
9 years ago
I would definitely suggest that solution 2 is the more secure option of the two, as solution 1, basically a null session share, leaves the share wide open to absolutely anyone. What you may wish to consider is programming an EXE that you can call from your script which makes the connection to the share, so that the connection credentials are hidden.
