With app-v 5.1 sequencer, i packaged files in
[{AppVPackageDrive}]\folder1\folder2\app.exe
and have put .appv package in network share
\\192.168.0.2\…\package.appv
Now, from client machine i want to run this app-v package.
This is what i did in powershell as Administrator:
$package = Add-AppvClientPackage -Path \\192.168.0.2\…\package.appv
Publish-AppvClientPackage $package
And this is what i did as normal user:
$p = Get-AppvClientPackage Package
Start-AppvVirtualProcess -AppvClientObject $p
Now the powershell asks me to:
Supply values for the following parameters:
FilePath:
What should i enter?
You also need to specify which EXE from that package (or outside the package) you want to launch. Get-AppvClientPackage returns only the package object.
Here is the doc on launching a virtual process:
https://support.microsoft.com/en-us/help/2848278/how-to-launch-processes-inside-the-app-v-5-0-virtualized-environment
Related
I have powershell script. I need to run it as a service. I try this way to make it as a service.
Start-Process -FilePath C:\Users\xx\Downloads\nssm-2.24\win32\nssm.exe -ArgumentList 'install AgentService "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "-command "& { . D:\SERVICE\Script.ps1}"" ' -NoNewWindow
Then I open run.exe and type services.msc. The service exist. And I try to start it. It show like this picture.
But I see the powershell script is not running. Because in my powershell script I use infinity loop to do some process, like copy and rename file. But It does not work.
Anyone can give me idea plese. Thank you.
A ordinary EXE executable, by default, is not ready to be run as a Windows Service.
A service process needs to register with the Service Control Manager on startup and listen for commands from the SCM. All the details you need are here:
C++: https://learn.microsoft.com/en-us/windows/win32/services/services
C# and .NET: https://learn.microsoft.com/en-us/dotnet/framework/windows-services/
However, if it helps, there are pre-built services that will launch and manage the process lifetime of any ordinary EXE. Google for run any windows exe as a service. One that I've personally used before is SrvStart.
I have an SSH task in an Azure devops pipeline which connects to another target server to perform a deployment.
The target server does not have any of my pipeline's variables, nor do I have any means of passing them through the standard SSH Task. i.e., if I run pwd, none of my variables display.
Some of the variables are passwords.
What is the easiest way to pass these to my remote server?
Use PowerShell on Target Machine task with the PS script that set variable can help you to achieve this.
This task can help you connect the remote server then finish the powershell script.
For set variable script, you can check with this format Write-Verbose -verbose:
Param(
[string]$psw
)
Write-Verbose "##vso[task.setvariable variable=NewPSWVariable]$psw" -verbose
I wrote the script in .ps1 file, then choose file path, call and pass the value to the parameter in PowerShell on Target Machine task.
What I used here is Write-Verbose. This can help to print out the variable into console which can help to debug the log.
I am trying to create a shortcut that would take credentials from the credential manager, like so
cd C:\code\Kodex-1.4.3\EPD_Prerequisite\Anaconda2\
$line1 = "cd C:\Code\EPMD\Kodex-1.4.4\Applications\Bin\EpmdTaskManager"
$line2 = "start EpmdTaskManagerGui.exe hide"
$line1 | out-file auto1.bat -Encoding Ascii
$line2 | Out-File -append auto1.bat -Encoding Ascii
$WshShell = New-Object -comObject WScript.Shell
$Shortcut = $WshShell.CreateShortcut("C:\Users\matanv.HOBART\Desktop\Kodex 1.4.4.lnk")
$Shortcut.TargetPath = """C:\WINDOWS\system32\runas.exe"""
$argA = "/user:%computername%\Admin /savecred"
$argB = """C:\code\Kodex-1.4.3\EPD_Prerequisite\Anaconda2\auto.bat"""
$Shortcut.Arguments = $argA + " " + $argB
$Shortcut.Save()
This works fine, with one problem: The first time I run the script, I get promted for password.
I want to never get prompted for password, and to store it in the credential manager using some (maybe other) script.
How can it be done?
Thanks
Moving from comment to here for OP
Here's the thing to keep in mind with this savecred thing. It's really dangerous, depending on where you are using it. Once you do it, like you've noted, AL you have to do is pass the account name and never get prompted, which means, anyone with even the simplest of skills, could walk up to and take over this machine, even if you delete the shortcut that started it, those creds are always live, and once can create any shortcut, set the properties, and they are off to the races.
Hence, though savecred is really convenient, it should be limited to only machines in absolute control of the person using it. For Example.
Anyway, you an get creds into CredMan, without using RunAs /SaveCred, yes, even with PowerShell. The a many scripts online to show you how, even ones directly from the TechNet Powershell Gallery, and the MS powershellgallery.com.
How to add credentials to the Windows Vault (PowerShell)
This PowerShell script shows how add credentials for specific users.
Download : addwindowsCredential.zip
CredentialManager 2.0
From powershellgallery.com, via your PowerShell session.
Find-Module -Name '*credentialmanager*' | Format-Table -AutoSize
Version Name Repository Description
------- ---- ---------- -----------
2.0 CredentialManager PSGallery Provides access to credentials in the Windows Credential Manager
1.1.1.0 IntelliTect.CredentialManager PSGallery Provides an easy-to-use interface to the Windows Credential Manager via PowerShell.
1.0.9 pscredentialmanager PSGallery This module allows management and automation of Windows cached credentials.
1.0.0.0 BAMCIS.CredentialManager PSGallery Provides a PowerShell wrapper around the Windows Credential Manager Win32 APIs.
See also:
Manipulate credentials in the Windows 8/2012 PasswordVault using Powershell
This module demonstrates how to use the new Windows 8/2012
PasswordVault API from Powershell.
Download : PasswordVault.psm1
You can also do this with the built-in cmdkey.exe
Creates, lists, and deletes stored user names and passwords or
credentials.
But you would need to run in the user context to do this, and that is what MS SysInternals PSExec can provide. Just create a ScheduledTask for RunOnce / at startup to fire off the command to do this.
OK, I digress. So, all-in-all, there are a few ways to set up Kiosk Mode on windows and MS has documented Kiosk mode for some time now
(You don't say what OS you are targeting - as similar articles exits for them).
For Win 10 it is here:
Set up a single-app kiosk
The above provides direct instructions how to set this mode up in PowerShell, snippet of those steps below, but be sure to read the entire document.
Set up a kiosk using Windows PowerShell
App type: UWP OS edition: Windows 10 Pro, Ent, Edu Account type: Local
standard user
You can use any of the following PowerShell cmdlets to set up assigned
access on multiple devices. Before you run the cmdlet:
Log in as administrator.
Create the user account for Assigned Access.
Log in as the Assigned Access user account.
Install the Universal Windows app that follows the assigned
access/above the lock guidelines.
Log out as the Assigned Access user account.
Log in as administrator.
To open PowerShell on Windows 10, search for PowerShell and find
Windows PowerShell Desktop app in the results. Run PowerShell as
administrator.
# Configure assigned access by AppUserModelID and user name
Set-AssignedAccess -AppUserModelId <AUMID> -UserName <username>
# Configure assigned access by AppUserModelID and user SID
Set-AssignedAccess -AppUserModelId <AUMID> -UserSID <usersid>
# Configure assigned access by app name and user name
Set-AssignedAccess -AppName <CustomApp> -UserName <username>
# Configure assigned access by app name and user SID
Set-AssignedAccess -AppName <CustomApp> -UserSID <usersid>
Note To set up assigned access using -AppName, the user account that
you specify for assigned access must have logged on at least once.
Learn how to get the AUMID. Learn how to get the AppName (see
Parameters).
I've run into an interesting problem which I can't quite figure out. I have a script which is intended to launch a certain application with alternate credentials. I can launch the application perfectly well using alternate creds using explorer and right clicking and choosing "Run As Different User" or with "PSexec - domain\user -p password "c:\app.exe"" but if I attempt to launch using:
$username = "username"
$password = "password"
$credentials = New-Object System.Management.Automation.PSCredential -ArgumentList #($username,(ConvertTo-SecureString -String $password -AsPlainText -Force))
Start-Process c:\app.exe -Credential ($credentials)
The application does in fact start using the alternate credentials but it then gets stuck in a loop/crashes. Using procmon it looks like it gets stuck on querying a directory that the app uses for caching, but I'm not sure it's relevant. I did try completely opening up the app folder ACL's (and all child objects recursively) to everyone but no luck. If I substitute other applications it works properly. I've used the "powershell" method to specify alt credentials with success many times before.
In any case, the script works fine using PSexec. I'd rather not have that dependency but it works for now. My question is, what is the difference from using the "powershell way" (using System.Management.Automation.PSCredential) to specify alternate credentials vs what PSexec or explorer is doing under the hood? I assume there must be something different going on and perhaps that information could help me trace why the application borks.
Thank you!
According to the technet pages of Start-Process and Psexec there is a difference in how the user profile is handled by default.
Start-Process does not load the profile unless you specify a switch:
-LoadUserProfile
Loads the Windows user profile stored in the HKEY_USERS registry key
for the current user. The default value is FALSE.
Psexec does always load the profile unless you specify a switch:
-e Does not load the specified account’s profile.
If the program expects some registry value for the cache location e.g. this could be a potential problem.
I would like to have a Windows 2003 server fire a script to fire another script in a separate Windows Server 2008 computer.
I have been told that Powershell can do that, and that's fine, but I need more specific details.
Does anyone have any tips for this?
Thanks!
psexec from SysInternals
Look into the syntax for the AT command. You can use it to schedule a process to run on a remote machine.
The AT command schedules commands and programs to run on a computer at
a specified time and date. The Schedule service must be running to use
the AT command.
AT [\\computername] [ [id] [/DELETE] | /DELETE [/YES]]
AT [\\computername] time [/INTERACTIVE]
[ /EVERY:date[,...] | /NEXT:date[,...]] "command"
\\computername Specifies a remote computer. Commands are scheduled on the
local computer if this parameter is omitted.
id Is an identification number assigned to a scheduled
command.
/delete Cancels a scheduled command. If id is omitted, all the
scheduled commands on the computer are canceled.
/yes Used with cancel all jobs command when no further
confirmation is desired.
time Specifies the time when command is to run.
/interactive Allows the job to interact with the desktop of the user
who is logged on at the time the job runs.
/every:date[,...] Runs the command on each specified day(s) of the week or
month. If date is omitted, the current day of the month
is assumed.
/next:date[,...] Runs the specified command on the next occurrence of the
day (for example, next Thursday). If date is omitted, the
current day of the month is assumed.
"command" Is the Windows NT command, or batch program to be run.
easiest way that is use will be in two steps
a. installing cygwin to remote pc
b. run ssh hudson#mcs '/cygdrive/c/path_to_script.bat'
Speaking about PsExec, I would strongly suggest to use Cygwin/OpenSSH instead.
SSH has multiple advantages (over tools like PsExec or even custom-made services).
For example, try to use with PsExec and implement what these bash / ssh command lines do:
ssh user#remotehost "find . -name something" 2> all.errors.txt
ssh user#remotehost "grep -r something ."
if [ "$?" == "0" ]
then
echo "FOUND"
else
echo "NOT FOUND"
fi
Good Luck!
SSH transfers (!) remote stdout / stderr / exit status to local shell for inspection
(killer feature and common requirement to integrate remote execution into logic of local scripts)
Cygwin/OpenSSH provides standard POSIX shell environment
(efficient time investment, fundamental tools, cross-platform ready, compatible habits, etc.)
You can still/always run all native Windows application
(including automatic execution of *.bat files by cmd processor)
You can configure password-less auth using public keys
(think about unattended automated tasks)
Tip
There was one requirement I had problems with initially:
background sshd service had to execute apps in user's graphical session
(to make application window appear in desktop environment).
The acceptable solution for me was running sshd service directly in user's GUI session
(start automatically when user logs in, follow the link to see configuration file changes):
/usr/sbin/sshd -f /home/user/sshd_config
The accepted solution from http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Q_22959948.html is:
What I provide was a script that takes
parameters... In this case it takes 4.
1) Server: if you pass -server it will
only do that one server 2) List: You
can provide a list file of servers.
3) Service: Name of the service you
want to modify 4) Verbose: is not
used here.
I did have some mistakes that I
changed in the following code. To use
cut/paste the code into a file called
Set-RemoteService.ps1. Make sure to
set your executionpolicy to run
scripts... it will not by default. You
do that by using the
set-executionpolicy cmdlet. PS>
Set-Executionpolicy "RemoteSigned" to
run the script you do PS>
C:\PathToScript\Set-RemoteService.ps1
-list c:\ServerList.txt -service "DHCP"
######################### Param($server,$list,$service,[switch]$verbose)
if($Verbose){$VerbosePreference =
"Continue"} if($list) {
foreach($srv in (get-content $list))
{
$query = "Select * from Win32_Service where Name='$service'"
$myService = get-WmiObject -query $query -computer $srv
$myService.ChangeStartMode("Automatic")
$myService.Start()
} } if($server) {
$query = "Select * from Win32_Service where Name='$service'"
$myService = get-WmiObject -query $query -computer $server
$myService.ChangeStartMode("Automatic")
$myService.Start() }