Can I start a process using the /netonly switch (Type 9 logon), the same way I can use /netonly in the command below?
"Start-Process powershell -Credential mydomain\mydomainAdmin -ArgumentList '-noprofile -command &{Start-Process notepad -verb runas}'"
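Basically, I am logged in with an administrator account and I want to copy from some shares that myaccount has access to. I want to use a Type 9 logon (the /netonly switch) and pass the credentials.
With the following command I am able to do it, but I have to enter the password.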
" runas /netonly /user:myadmin\myaccount "robocopy source destination" "
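Please help point me in the right direction.
Answer 0 (score: 0)
Using impersonation, you can do a netonly-type logon with credentials defined in a script or elsewhere, without having to enter them each time.
(Note that in this example, Write-Host will not write a different username while impersonating. This is specifically because the new-credentials logon type (INT 9) only impersonates the desired user when accessing remote resources.)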
$ImpersonationLib = Add-Type -Namespace 'Lib.Impersonation' -Name ImpersonationLib -MemberDefinition @"
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool DuplicateToken(IntPtr token, int impersonationLevel, ref IntPtr duplication);
[DllImport("kernel32.dll")]
public static extern Boolean CloseHandle(IntPtr hObject);
"@ -PassThru
[System.IntPtr]$userToken = [System.IntPtr]::Zero
$success = $ImpersonationLib::LogonUser('YourUserName', # UserName
    'DomainOrWorkstationNameIfLocal', # Domain
    'Password', # Password
    9, # New credentials-based logon
    0, # LOGON32_PROVIDER_DEFAULT
    [ref]$userToken)
if ($success -eq $false)
{
    Write-Host 'Failure to execute logon user.'
    Exit
}
$Identity = New-Object Security.Principal.WindowsIdentity $userToken
# Close open handles.
if ($userToken -ne [System.IntPtr]::Zero)
{
    $null = $ImpersonationLib::CloseHandle($userToken)
    $userToken = [System.IntPtr]::Zero
}
# Current user.
Write-Host "Before impersonation: UserName: $([Security.Principal.WindowsIdentity]::GetCurrent().Name)" -ForegroundColor Cyan
# Do the impersonation.
$context = $Identity.Impersonate()
# New user.
Write-Host "After impersonation: UserName: $([Security.Principal.WindowsIdentity]::GetCurrent().Name)" -ForegroundColor Cyan
# Return to original user.
$context.Undo()
$context.Dispose()
# Old user.
Write-Host "After undoing impersonation: UserName: $([Security.Principal.WindowsIdentity]::GetCurrent().Name)"
Logon type reference: MSDN - Logon user function
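An added example, not part of the original answer: the same Type 9 (new credentials) logon wrapped in a reusable function that takes a PSCredential instead of a password literal and always reverts the impersonation. Invoke-NetOnly, the Lib.NetOnly namespace and the share path are hypothetical names; it assumes Windows PowerShell 5.1, because WindowsIdentity.Impersonate() does not exist on .NET Core.

```powershell
# Added example. Invoke-NetOnly and Lib.NetOnly are hypothetical names, not from the answer.
Add-Type -Namespace 'Lib.NetOnly' -Name Native -MemberDefinition @"
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern bool LogonUser(string lpszUsername, string lpszDomain, IntPtr lpszPassword,
    int dwLogonType, int dwLogonProvider, out IntPtr phToken);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool CloseHandle(IntPtr hObject);
"@

function Invoke-NetOnly {
    param(
        [Parameter(Mandatory)] [pscredential] $Credential,
        [Parameter(Mandatory)] [scriptblock]  $ScriptBlock
    )
    $net   = $Credential.GetNetworkCredential()   # splits DOMAIN\user into Domain and UserName
    $token = [IntPtr]::Zero
    # Hand the password to LogonUser from unmanaged memory so it never becomes a managed string.
    $pwPtr = [Runtime.InteropServices.Marshal]::SecureStringToGlobalAllocUnicode($Credential.Password)
    try {
        # 9 = LOGON32_LOGON_NEW_CREDENTIALS, 3 = LOGON32_PROVIDER_WINNT50
        $ok  = [Lib.NetOnly.Native]::LogonUser($net.UserName, $net.Domain, $pwPtr, 9, 3, [ref]$token)
        $err = [Runtime.InteropServices.Marshal]::GetLastWin32Error()
    }
    finally {
        [Runtime.InteropServices.Marshal]::ZeroFreeGlobalAllocUnicode($pwPtr)   # wipe and free the copy
    }
    if (-not $ok) { throw (New-Object ComponentModel.Win32Exception $err) }

    $identity = New-Object Security.Principal.WindowsIdentity $token   # duplicates the token handle
    $null     = [Lib.NetOnly.Native]::CloseHandle($token)
    $context  = $identity.Impersonate()
    try     { & $ScriptBlock }
    finally { $context.Undo(); $context.Dispose(); $identity.Dispose() }   # always revert
}

# Constructed usage: \\fileserver\share is a placeholder path.
$cred = Get-Credential -Message 'Account with access to the share'
Invoke-NetOnly -Credential $cred -ScriptBlock {
    Copy-Item -Path '\\fileserver\share\report.csv' -Destination 'C:\Temp\'
}
```

Thread impersonation does not carry over to child processes, so robocopy started inside the script block would still run with the caller's token; in-process commands such as Copy-Item are what pick up the network credentials. A Type 9 logon does not validate the password up front, so wrong credentials only surface as an access error on the first remote access.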