Execute Powershell scripts as Console User
Description
By default, the FileWave Client executes scripts and tasks with elevated permissions (rootSystem on macOS)Windows). ThisThe additionbelow shows a method to the start oflaunch a script will execute itcommand as thean currentlyalternate logged-in user (also known as the console user).user.
Ingredients
- Text editor
- FileWave Central
Directions
Insertmethodthis nearrequires thestartusername and password ofyourthescript,userbeforeto run thedesiredcommand.actions.Do not add usernames and passwords directly in scripts.Credentials of a user may be passed to Invoke-Command.
Due to the above warning, add the username and password as Environment Variables to the Script in the Fileset.
For example:
Change 'secure_password' and 'user' values to required entries.
These will be referenced in the Powershell Script as:
- $Env:pass
- $Env:user
For example:
credential#!/bin/zsh$securePasswordcurrent_user== ConvertTo-SecureString $(statEnv:pass -f%Su /dev/console) current_user_id=$(idAsPlainText -uForce $current_user)Example:=#!/bin/zshNew-Objectcurrent_user=System.Management.Automation.PSCredential ($(stat -f%Su /dev/console) current_user_id=$(id -uEnv:user, $current_user) launchctl asuser $current_user_id sudo -u $current_user whoamisecurePassword) echo "hello$Env:UserName"world"Invoke-Command>>-ComputerName/Users/localhost -Credential $current_user/Desktop/test.txtcredential -ScriptBlock { # Code to action by the defined user should be added here echo "$Env:UserName" }
This
The
DESKTOP-N05SO1D$
LocalAdmin