Using Invoke-WmiMethod to run an executable on a remote machine as a particular user

StackOverflow https://stackoverflow.com/questions/19109456

  •  29-06-2022
  •  | 
  •  

Frage

As part of some deployment automation, I am trying to run an executable on a remote machine using powershell. The excutable needs to run as a particular user so that it can connect to the appropriate database to do its work.

For example, the Powershell script is running on Machine1 as user "Org\TFSUser". It needs to run the executable on Machine2 as the "Devel\BuildServices" user. I am trying to use the Invoke-WmiMethod commandlet to start the executable on the remote server as shown below. This seems to work in that it runs the executable on the remote machine but using the Anonymous user login. The error I see in the logs is System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.

$username = "devel\BuildServices"
$password = cat Deploy\SecurePasswords\PasswordForBuildServicesAsSecureString.txt | convertto-securestring
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $password
Invoke-WmiMethod -class Win32_process -name Create -ArgumentList ("C:\TeamCityDeployments\Importer\Importer.exe -pFile:C:\TeamCityDeployments\Importer\alphaParams.txt >> importer.log") -ComputerName "Machine2.devel" -Impersonation 3 -EnableAllPrivileges -Credential $cred

To build up the credential object with password without prompting, I am using the secure strings as specified here.

In the Invoke-WmiMethod, I am supplying the parameter "-Impersonation 3" as specified here. My understanding was that this would start the remote process while impersonating the user credentials that I am passing in.

Can anyone tell me how to run the executable on a remote machine using the credentials of a specific user.

War es hilfreich?

Lösung

Try using New-PSSession and Invoke-Command with the CredSSP authentication as you seem to have the double-hop authentication issue.

Check my answer to the question below to see how to setup and use CredSSP, it's fairly simple.

Running batch file on Remote Computers using PowerShell 2.0

Lizenziert unter: CC-BY-SA mit Zuschreibung
Nicht verbunden mit StackOverflow
scroll top