
Access is denied to localhost despite being administrator - PowerShell


Okay, so this has been bugging me for a while and I have tried too many things now.

I'm trying to run a PowerShell script - my user account is a regular one on the domain, it is however local administrator on my computer. Therefore I've created a PowerShell script prompting me for credentials (where I type the credentials of my domain administrator account) to be used to invoke another script which needs this domain administrator elevation. This script looks like this:

Invoke-Command -FilePath "C:\Temp\script.ps1" -ComputerName localhost -Credential Get-Credential

Here the script.ps1 is the script which needs domain administrator elevation.
Executing the shown script results in a prompt for credential and then the following error:

[localhost] Connecting to remote server localhost failed with the following error message : Access is denied.

I've tried messing around with a .bat file looking like this:

SET ThisScriptsDirectory=%~dp0
SET PowerShellScriptPath=%ThisScriptsDirectory%script.ps1
PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& {Start-Process PowerShell -ArgumentList '-NoProfile -ExecutionPolicy Bypass -File ""%PowerShellScriptPath%""' -Verb RunAs}";

as well, but I can't make it work - it is not elevating the script to domain administrator level.
Lastly however, I need to mention that the script I want to run with domain elevation works if I open PowerShell with the domain administrator elevation, navigate to C:\Temp\script.ps1 and execute it by .\script.ps1.

Any suggestions?

One topic that helped me (I had a similar case) was the section "HOW TO ENABLE REMOTING FOR NON-ADMINISTRATIVE USERS" in About Remote Troubleshooting. Basically, it tells you to execute a PS command: Set-PSSessionConfiguration Microsoft.PowerShell -ShowSecurityDescriptorUI and grant execution permission to the user that you are trying to use.

If you have local administrative rights, run PowerShell as administrator and run Invoke-Command without the -Credential flag.

If you're only running the script locally, you don't need Invoke-Command. You're better off just running the script and passing arguments to it.

Well, you are doing it wrong if I understand it correctly.

The credential you provided is used to access localhost (which you don't need, BTW). The script is still executed unelevated. There are two solutions:

  • You need to elevate the powershell itself and execute the script.
  • You need to change the script so that it itself accepts Credential parameter and use it to access things. There isn't much more I can say about it until you show the script.

You can elevate shell with:

 start powershell -verb Runas

The problem here is that unless you disable UAC, it will prompt you. Unfortunately there is no easy way around this that I know. One sure way is to add the script to task scheduler and set the task to run elevated, then run it and delete the task. All of this can be automated ofc. This is a consequence of unfortunate design of UAC system (sudo on Linux that serves the same purpose will cache the response for some time so that subsequent commands do not prompt). This would go something like:

  schtasks /Create /TN runner ... /TR "powershell -File script.ps1" /RU username /RP password /RL HIGHEST
  schtasks /Run /TN runner
  schtasks /Delete /TN runner /F

Enable PSRemoting Service to Start Automatic

on both host and remote machines

Set-Service winrm -StartupType Automatic 
Start-Service winrm

Enable PSRemoting

On both host and remote machines

Enable-PSRemoting -Force

Add computers to Trusted Hosts

On Remote machine

Set-Item wsman:\localhost\Client\TrustedHosts -Value "$(hostname),*$((Get-WmiObject Win32_ComputerSystem).Domain)"

Enable Multi Hopping in Powershell Remoting

Identify which hosts to allow passing of Creds

Enable-WSManCredSSP -Role Client -DelegateComputer "$(hostname),*$((Get-WmiObject Win32_ComputerSystem).Domain)"

On the source machine.

Enable-WSManCredSSP -Role Server

You must specify Authentication and a Credential

on Host Machine

$Cred = [System.Management.Automation.PSCredential]::new("<username>",$("<Password>" | ConvertTo-SecureString -AsPlainText -Force))
invoke-command -ComputerName localhost -ScriptBlock {Write-Host $args[0]} -ArgumentList "Hello!, It Works" -Authentication Credssp -Credential $cred

REFERENCE

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_remote_troubleshooting?view=powershell-6
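
The remoting steps in the last answer widen TrustedHosts and turn on CredSSP delegation, so it helps to see afterwards what the machine now allows. The following is an added example, not part of any answer on this page; the function name Get-WinRMExposure is hypothetical, and it only reads settings.

```powershell
# Added example (not from the original answers): read-only audit of the WinRM
# settings that the remoting steps above change. Run from an elevated session.
function Get-WinRMExposure {
    [CmdletBinding()]
    param()

    $service = Get-Service -Name WinRM
    $report = [ordered]@{
        ServiceStatus      = $service.Status
        StartType          = $service.StartType
        TrustedHosts       = @()
        WildcardTrust      = $false
        CredSSPClient      = $false
        CredSSPService     = $false
        DelegationTargets  = @()
        EndpointPermission = $null
    }

    # The WSMan: drive only answers for localhost while the service is running.
    if ($service.Status -eq 'Running') {
        $trusted = (Get-Item WSMan:\localhost\Client\TrustedHosts).Value
        $report.TrustedHosts   = @("$trusted" -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })
        $report.WildcardTrust  = [bool]($report.TrustedHosts | Where-Object { $_.Contains('*') })
        $report.CredSSPClient  = (Get-Item WSMan:\localhost\Client\Auth\CredSSP).Value -eq 'true'
        $report.CredSSPService = (Get-Item WSMan:\localhost\Service\Auth\CredSSP).Value -eq 'true'
        # Accounts allowed to open a session on the default endpoint.
        $report.EndpointPermission = (Get-PSSessionConfiguration -Name Microsoft.PowerShell).Permission
    }

    # Enable-WSManCredSSP -Role Client stores its WSMAN/<host> targets in this policy key.
    $key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation\AllowFreshCredentials'
    if (Test-Path $key) {
        $item = Get-Item $key
        $report.DelegationTargets = @($item.GetValueNames() | ForEach-Object { $item.GetValue($_) })
    }

    [pscustomobject]$report
}

$r = Get-WinRMExposure
$r | Format-List
if ($r.WildcardTrust) { Write-Warning 'TrustedHosts contains a wildcard entry.' }
if ($r.CredSSPClient -or $r.CredSSPService) { Write-Warning 'CredSSP delegation is enabled.' }
```

Disable-WSManCredSSP -Role Client, Disable-WSManCredSSP -Role Server and Clear-Item WSMan:\localhost\Client\TrustedHosts undo the corresponding steps once the script no longer needs them.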
