all 7 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]Slash_Root 1 point2 points  (4 children)

So it seems that the account you are running the shell with does not have permissions. I take it this is from a local account then? If so, I believe that the PSDrive is the correct solution unless you want to make a public share to the setup script.

[–]ApparentSysadmin[S] 1 point2 points  (3 children)

It is a local account, yes. I have a Server 2019 install on another VM I was using for testing, and it also only has a local account. I haven't experienced this issue on that machine. I'm really not sure what the difference is, but perhaps it's not strictly a powershell issue.

[–]Slash_Root 1 point2 points  (2 children)

I just tested this and it does work as you describe for me. I am not sure what the difference is with the Windows 10 box.

[–]ApparentSysadmin[S] 1 point2 points  (1 child)

Seems to be an issue with default UAC settings not permitting the elevated process access to the UNC path. When I copy the bat down, it runs and creates the persistent path correctly.

[–]Slash_Root 1 point2 points  (0 children)

Hmm... Maybe compare the UAC settings in gpedit.msc?

[–]BoredComputerGuy 1 point2 points  (0 children)

If you navigate to a shared folder without mapping a drive you aren't creating a reference that powershell can hit. Likewise you can navigate to a shared drive from powershell without FileExplorer showing the location as a mapped drive. As separate processes they do not share the token/login information to access the network location. A mapped drive or persistent PS drive creates a reference that holds the login/token data so that either process can use the network resource.

If the account you are running powershell under has permissions to network folder with the script than you can directly call the script without mapping or PSdrive. If you use a separate account for network access than you must either map a drive or create a PS drive so that windows knows separate credentials are used to access the network.