PowerShell Remoting Project Home

Friday, January 27, 2006

Dreaming of SU in MSH?

(Added on Mar 6th) There is a follow up post on this topic here.

Shame on myself! I should do more research before posting a blog entry. MoW already had a similar script a couple of months ago.

Want to run a MSH script as another windows user? You got it now! I am not talking about Runas.exe. It is a MSH script to start new msh.exe process with a differnt windows identity. Just like su.exe in Linux.

###########################################
# File Name: su.msh
# Launch a new msh.exe with someone else's identity
# from tony http://mshforfun.blogspot.com/
###########################################
$SuAccount = get-credential
$StartInfo = new-object System.Diagnostics.ProcessStartInfo
$StartInfo.FileName = "msh.exe"
$StartInfo.UserName = $SuAccount.UserName
$StartInfo.Password = $SuAccount.Password
$StartInfo.LoadUserProfile = $true
$StartInfo.UseShellExecute = $false
$StartInfo.WorkingDirectory = (get-location).Path
[System.Diagnostics.Process]::Start($StartInfo)

Added on 23rd Feb 2006, 08:40
Jeffrey Snover Suggested to add the following line:
$StartInfo.Arguments="-noexit -command `$Host.UI.RawUI.WindowTitle=\`"Microsoft Command Shell ($($SuAccount.UserName)) \`""
Added on 23rd Feb 2006, 08:40


Added on 27th Jan 2006, 15:46
In Monad beta3 version, the default behavior of get-credential was changed to "CredUI". "CredUI returns a username with "\" prepended. When passing that to the Process.Start method, it has intermittent difficulty dealing with that form of a username. " --Lee Holmes
To change it back to CLI, run following script:
new-property HKLM:\SOFTWARE\Microsoft\MSH\1\ShellIds `
-property ConsolePrompting -value "True" -force

See newsgroup thread here for details. Also checkout ::: MSH ::: Blog Entry for this issue.
/Added on 27th Jan 2006, 15:46

So if you were a non-privilege user "testac" , you run id.msh:
UserSID= S-1-5-21-xxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-xxx (Domain\testac)
AuthenticationType= NTLM
ImpersonationLevel= None
Token= xxxx
Groups=
GroupSID= S-1-5-21-xxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-xxx (Domain\None)
GroupSID= S-1-1-0 (Everyone)
GroupSID= S-1-5-32-545 (BUILTIN\Users)
GroupSID= S-1-5-4 (NT AUTHORITY\INTERACTIVE)
GroupSID= S-1-5-11 (NT AUTHORITY\Authenticated Users)
GroupSID= S-1-2-0 (LOCAL)


After su to an Administrator user "tony". Then you run id.msh again in new msh.exe window:
UserSID= S-1-5-21-xxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-xxxx (Domain\tony)
AuthenticationType= MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
ImpersonationLevel= None
Token= xxxx

Groups=

GroupSID= S-1-5-21-xxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-xxx (Domain\None)

GroupSID= S-1-1-0 (Everyone)

GroupSID= S-1-5-32-544 (BUILTIN\Administrators)
GroupSID= S-1-5-32-545 (BUILTIN\Users)
GroupSID= S-1-5-4 (NT AUTHORITY\INTERACTIVE)
GroupSID= S-1-5-11 (NT AUTHORITY\Authenticated Users)

GroupSID= S-1-2-0 (LOCAL)

Have Fun!

[Edit: Monad has now been renamed to Windows PowerShell. This script or discussion may require slight adjustments before it applies directly to newer builds.]

Tags:       


Comments:
No shame I did worse with my imageviewer LOL ;-)

b.t.w. did you see the solution from Marcel Ortiz in the NG,
in the thread : How to impersonate as a different user? (MSH)

that is wat I'm using to get a nested prompt at the moment, real cool.

I'm thinking about re-doing it as a cmdlet sometime ;-)

gr /\/\o\/\/
 
You might consider adding the following line to your SU.MSH script. It will set the window Title so you know who you are running as.

$StartInfo.Arguments="-noexit -command `$Host.UI.RawUI.WindowTitle=\`"Microsoft Command Shell ($($SuAccount.UserName)) \`""

Jeffrey Snover
Monad Architect
 
To Jeffrey:

That is a nice tip. Thanks.
 
Oes Tsetnoc one of the ways in which we can learn seo besides Mengembalikan Jati Diri Bangsa. By participating in the Oes Tsetnoc or Mengembalikan Jati Diri Bangsa we can improve our seo skills. To find more information about Oest Tsetnoc please visit my Oes Tsetnoc pages. And to find more information about Mengembalikan Jati Diri Bangsa please visit my Mengembalikan Jati Diri Bangsa pages. Thank you So much.
Oes Tsetnoc | Semangat Mengembalikan Jati Diri Bangsa
 
Today,we are proud to announce the launch of the new wedding support service sell ffxi gil,packed with features sure to sell ffxi gils delight adventurers across Vana'diel looking to exchange eternal vows with their beloved!Responding to player demands for greater customization,the new service will grant brides and grooms freedom in choosing location,timing,dialogue,and sell Final Fantasy XI Gil more for their ceremony,allowing them to create a truly memorable event all their own.Information on all the features,including in-game sell ffxi gil item vendors and wedding certificates,can be found on the new wedding support site,so head on over sell ffxi gils and get started planning the wedding of your dreams sell Final Fantasy XIGil!
 

Post a Comment



Links to this post:

Create a Link



<< Home