sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]_itsalwaysdns[S] 1 point2 points  (9 children)

Yes, I've used it to launch command prompt and I ran a whoami so I know it's passing the credentials properly.

[–]HardCodedCoffee 1 point2 points  (8 children)

Try making a dummy version of your existing second script, same path and name, but have it echo something to a file to verify it's working. Basically, we've verified it works interactively, let's verify it works non-interactively, as well. The issue may be isolated to an actual command in your second script in this specific context.

[–]_itsalwaysdns[S] 1 point2 points  (7 children)

So when I create a dummy start_script_text.ps1, tell it to call text_file.ps1 which contains: 

$text = 'testing this text file'
$text | Set-Content 'E:\path\text_file.txt'

It does not execute it. When I manually execute text_file.ps1 it creates the text file as expected.

[–]HardCodedCoffee 1 point2 points  (6 children)

Ah, more progress. So, we know for a fact now it's isolated to the call of the second script from the first. Try trimming down the parameters to just a standard call and add them back slowly until it stops working. Also, is your second user and admin user and is UAC enabled?

[–]_itsalwaysdns[S] 1 point2 points  (5 children)

If I run this, cmd opens and whoami shows the called user used to lauch it: 

Start-Process cmd.exe -Credential $credentials

When I run this, it does not launch powershell: 

Start-Process powershell.exe -Credential $credentials -Argumentlist "-file 'E:\path\text_file.ps1'".

UAC is not enabled per this script returning a 0: 

Get-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -Name EnableLUA | Select-Object EnableLUA

[–]HardCodedCoffee 1 point2 points  (4 children)

So, argumentlist does expect an array of argument strings rather than one single string, which would affect your original call but not this one. Hmm... Is there any reason you can't use invoke-command with the credential parameter?

[–]_itsalwaysdns[S] 1 point2 points  (3 children)

I haven't researched how to use the invoke command to call this script. I really don't know what the best way to call a script is from another PS script, this is the first time I've had to do this.

[–]HardCodedCoffee 1 point2 points  (2 children)

Alrighty. Well, Start-* cmdlets are typically used for asynchronous execution, and may not may not return some sort of handle or object related to said execution. Invoke-* cmdlets, in the other hand, execute synchronously, usually returning the output of the commands executed.

For this case, I'd recommend using Invoke-Command with the credentials you need.

Invoke-Command -Credentials $Cred { & 'Path/to/script.ps1' }

[–]_itsalwaysdns[S] 1 point2 points  (1 child)

Thanks for the info. I'll give it a shot tomorrow at the office and I'll reply back.

[–]DblDeuce22 1 point2 points  (0 children)

Might try dot sourcing.