Run powershell from an ASP.net web app as a different user?
Question
I want to be able to run a powershell script from an ASP.NET app as a different user. I can successfully run powershell commands and see the output but I cannot figure out how to execute it as a different user. I have followed this guide:
http://jeffmurr.com/blog/?p=142
It is just a textbox where I enter my powershell-command and the output will show in another textbox.
I have created a new IIS site and an application pool which runs as a domain user, associated the new site with the pool. I can see that the only w3wp.exe process that exist is running as my domain user that I specified in the pool. Still if I run the command:
write-output $Env:USERNAME
It returns the System Account username, "SERVERNAME$". Anybody knows why? What have I missed? Is there another way to achieve the same?
The code...
HTML:
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="PowerShellExecution.Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<table>
<tr><td> </td><td><h1 align="left">PowerShell Command Harness</h1></td></tr>
<tr><td> </td><td> </td></tr>
<tr><td> </td><td>PowerShell Command</td></tr>
<tr><td>
<br />
</td><td>
<asp:TextBox ID="Input" runat="server" TextMode="MultiLine" Width="433px" Height="73px" ></asp:TextBox>
</td></tr>
<tr><td>
</td><td>
<asp:Button ID="ExecuteCode" runat="server" Text="Execute" Width="200" onclick="ExecuteCode_Click" />
</td></tr>
<tr><td> </td><td><h3>Result</h3></td></tr>
<tr><td>
</td><td>
<asp:TextBox ID="ResultBox" TextMode="MultiLine" Width="700" Height="200" runat="server"></asp:TextBox>
</td></tr>
</table>
</div>
</form>
</body>
</html>
C#
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Management.Automation;
using System.Text;
namespace PowerShellExecution
{
public partial class Default : System.Web.UI.Page
{
public TextBox ResultBox;
public TextBox Input;
protected void Page_Load(object sender, EventArgs e)
{
ResultBox = (TextBox)this.FindControl("ResultBox");
Input = (TextBox)this.FindControl("Input");
}
protected void ExecuteCode_Click(object sender, EventArgs e)
{
// Clean the Result TextBox
ResultBox.Text = string.Empty;
// Initialize PowerShell engine
var shell = PowerShell.Create();
// Add the script to the PowerShell object
shell.Commands.AddScript(Input.Text);
// shell.Commands.AddScript("C:\\TestSite\\test.ps1");
// Execute the script
var results = shell.Invoke();
// display results, with BaseObject converted to string
// Note : use |out-string for console-like output
if (results.Count > 0)
{
// We use a string builder ton create our result text
var builder = new StringBuilder();
foreach (var psObject in results)
{
// Convert the Base Object to a string and append it to the string builder.
// Add \r\n for line breaks
builder.Append(psObject.BaseObject.ToString() + "\r\n");
}
// Encode the string in HTML (prevent security issue with 'dangerous' caracters like < >
ResultBox.Text = Server.HtmlEncode(builder.ToString());
}
}
}
}
1 answers
solution1
1 2017-12-09 19:51:48
its because you have published your website on a host server. When you access the website you are accessing an application that is running on Azure (or wherever the server is) and therefore sending command that runs in that server machine.
Sorry to say that you cant get those command run in your computer as a website user since the script calling method is developed in a way to ensure user environment safe otherwise unknown dangerous codes can execute at their end by just pushing the button.
If you used Azure, then note that its a 'platform as a service' where your role is to deploy website and build application over a preconfigured system and is managed by Azure. Any system level changes including user name change are not permitted. try out https://yourwebsitename.scm.azurewebsites.net/DebugConsole/?shell=powershell
I tried to change it too sometime back but learned the hard way.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.