How can I let non-admin users run a script as an admin to modify a file on a Network Share?

By
Aaron Garnes
-
0
0
Asked By CleverPineapple123 On

I'm working on a way to allow regular users to run a PowerShell script that modifies a file on my Network Share drive. The challenge I'm facing is that my script contains a ScriptBlock that needs to be executed with admin credentials. I've tried using "Invoke-Command -Session $psSession -ScriptBlock { #Code to modify file }" but I keep losing access to the Network Share drive when using the admin account's WinRM.

I also attempted to create a Task Scheduler job that runs the ScriptBlock as the admin, but it returns a Permissions Denied error. It seems that whenever I try running anything with those admin credentials, I lose access to the Network Share drive.

Has anyone experienced something similar? How can I run this script as an admin while keeping access to the share? By the way, I've also tried using New-PsDrive to map the Network Share but got a Permission Denied error there too.

4 Answers

Answered By SkepticalCoder74 On

It sounds like you're trying to get non-admin users to run scripts that need elevated permissions. Just remember, with that approach, you're opening up a huge security risk. If someone finds the script, they could turn it into a backdoor for a Trojan or worse. Instead of trying to elevate user permissions through scripts, I suggest focusing on the underlying permissions of the file itself. Why not grant necessary access to the user group that needs to modify that file directly? It's safer and more straightforward.

Answered By ScriptGuru42 On

Beyond what others have mentioned, I'd look into potential double hop issues. I tried nesting Invoke-Commands and passing in admin credentials, but like you, I faced access issues once again. It’s a tricky situation!

Answered By TaskMasterX99 On

You might want to consider just granting the needed permissions on the Network Share instead. If you do that, users won't have to run a script for changes. It could save you a lot of hassle!

Answered By AdminHacker007 On

If you're really determined to make this work with a script, one wild option is to hardcode the admin username and password directly into your script block. Just keep in mind that's pretty risky! You'd be better off exploring security configurations instead.

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.