stackoom
  简体   繁体   中英

Powershell Script - Run certain commands only as admin and rest of script as non-admin

 原文  2020-05-12 06:58:50       powershell/ runas

Question

What I am trying to achieve is: I have a huge script that does a lot of functions for myPC. All of those function prefer to not have admin privileges when executed for eg running application "outlook" etc. Only one function (2 commands) in the script requires admin privileges. Is it possible to run just those two commands as new powershell Adminwindow and close?

$TouchScreen = Get-PnpDevice -FriendlyName 'HID-Compliant Touch Screen'
if ( $TouchScreen.Status -eq 'OK' ) { $TouchScreen | Disable-PnpDevice -confirm:$false } else { $TouchScreen | Enable-PnpDevice -confirm:$false }

I have tried couple of things but to no avail. The -command of Start-Process powershell -Verb runAs -ArgumentList "-noexit","-command XXX" does not accept variables. Am I doing something wrong?

Some attempts:

Start-Process powershell -Verb runAs -ArgumentList "-noexit","-command { [string]$TouchScreen = Get-PnpDevice -FriendlyName 'HID-Compliant Touch Screen'; write-host 'testing $TouchScreen';  if ( $TouchScreen.Status -eq 'OK' ) { $TouchScreen | Disable-PnpDevice -confirm:$false } else { $TouchScreen | Enable-PnpDevice -confirm:$false }}"

Any and all help will be appreciated

PS: The following lines on standalone script works. Because it just runs the current script as admin. But as I mentioned earlier not an option for me. Furthermore, not looking to call other scripts in here, the reason being I am going to use PS2EXE and that additional script will be an issue.

If (-not ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
                $Arguments = "& '" + $MyInvocation.mycommand.definition +"'" 
                Start-Process powershell -Verb runAs -ArgumentList $Arguments 
                Break
                }
                $TouchScreen = Get-PnpDevice -FriendlyName 'HID-Compliant Touch Screen'
                if ( $TouchScreen.Status -eq 'OK' ) { $TouchScreen | Disable-PnpDevice -confirm:$false } else { $TouchScreen | Enable-PnpDevice -confirm:$false }

1 answers

solution1
 0  2020-05-12 19:39:14

Solved it this way

$MyVar = {"$TouchScreen = Get-PnpDevice -FriendlyName 'HID-Compliant Touch Screen'";  "if ( $TouchScreen.Status -eq 'OK' ) { $TouchScreen | Disable-PnpDevice -confirm:$false } else { $TouchScreen | Enable-PnpDevice -confirm:$false }";}
Start-Process powershell -Verb runas -ArgumentList "-noexit",$MyVar

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to run a process as non-admin from an elevated PowerShell console? Run Scheduled PowerShell script as admin $ENV:USERNAME returns the machine name when SCCM runs a script as admin with a non-admin logged in How to run `Get-CimInstance` as non-admin user (windows server 2019, powershell 5.1) How do run a powershell script as an admin? Impersonate Admin User and Run Powershell Script Run a PowerShell script from a cmd batch as admin PowerShell logon script as admin Execute a remote process on a non-admin account using Powershell How to get users from Distribution list as a non exchange admin or a non tenant admin using PowerShell script?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM