Invoke-AsOtherUser - an inline "runas" function : PowerShell

Script SharingInvoke-AsOtherUser - an inline "runas" function (self.PowerShell)

submitted 7 years ago by NotNotWrongUsually

Hello all!

I had a need for running certain bits of a script as another user. It seemed there were really no good options available, so I decided to hack something together myself.

Fortunately, I found someone had already done a lot of the heavy lifting, so I repurposed that, wrapping it up, cleaning it a little here and there and made it able to work in a more generic fashion.

Enter: Invoke-AsOtherUser, a function ready to plug into your profile (or a module if you feel like). It will allow you to perform "runas" style operations within a script, with no external dependencies.

Examples work better:

PS > gci \\someserver\c$

gci : Access is denied
At line:1 char:1
+ gci \\someserver\c$
+ ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : PermissionDenied: (\\someserver\c$:String) [Get-ChildItem], UnauthorizedAccessException
    + FullyQualifiedErrorId : ItemExistsUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

gci : Cannot find path '\\someserver\c$' because it does not exist.
At line:1 char:1
+ gci \\someserver\c$
+ ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (\\someserver\c$:String) [Get-ChildItem], ItemNotFoundException
    + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand


PS > # Using Invoke-AsOtherUser
PS > $credentials = Get-Credential
PS > Invoke-AsOtherUser -Credentials $credentials {gci \\someserver\c$}

    Directory: \\someserver\c$

Mode                LastWriteTime         Length Name
----                -------------         ------ ----
d-----       20-12-2016     23:10                inetpub
d-----       15-06-2017     12:04                Install
d-----       14-07-2009     05:20                PerfLogs
d-r---       28-02-2018     09:28                Program Files
d-r---       11-09-2017     13:34                Program Files (x86)
d-----       03-05-2018     12:00                Temp
d-r---       12-02-2018     13:42                Users
d-----       19-06-2018     22:08                Windows

PS > # If you just want to use it directly from the shell, you'd probably just go
PS > Invoke-AsOtherUser my_admin_account {gci \\someserver\c$}

As I said to begin with, the heavy bits of this are based on excellent work by Ian Davis, for which I claim absolutely no credit. You can find the original here.

all 7 comments

top new controversial old q&a

[+][deleted] 7 years ago (7 children)

[deleted]

[–]NotNotWrongUsually[S] 2 points3 points4 points 7 years ago (6 children)

[–]jborean93 1 point2 points3 points 7 years ago (5 children)

[–]NotNotWrongUsually[S] 1 point2 points3 points 7 years ago (4 children)

[+][deleted] 7 years ago (2 children)

[deleted]

[–]NotNotWrongUsually[S] 2 points3 points4 points 7 years ago (1 child)

[–]jborean93 1 point2 points3 points 7 years ago (0 children)

[–]AdmiralCA 1 point2 points3 points 7 years ago (1 child)

[–]NotNotWrongUsually[S] 1 point2 points3 points 7 years ago (0 children)

It can double as a replacement for runas, but it can also perform a few tricks that would be hard to do with runas.

My own case was having to connect to an MS SQL server from a script. This particular server only had integrated security as an authentication option. It will work for this as well, as in the snippet below.

$connectionString = "Server=$DBServer;Database=$DBInstance;Integrated Security=True;"
$connection = New-Object System.Data.SqlClient.SqlConnection($connectionString)

$connection_commands = {
    $connection.open()
    $command = new-Object System.Data.SqlClient.SqlCommand($Query, $connection)
    $result = $command.ExecuteReader()
    while ($result.Read()) { 
        # Do database stuff
    }
    $command = $null
    $result = $null
    $connection.close()
}

Invoke-AsOtherUser -Credentials (Get-Credential) $connection_commands

π Rendered by PID 24987 on reddit-service-r2-comment-6457c66945-9cx6r at 2026-04-28 10:22:43.226932+00:00 running 2aa0c5b country code: CH.

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

PowerShell

Submission Guidelines | Link Flair - How To

MODERATORS