Channel: The Official Scripting Guys Forum! forum

How to "hardcode" the RunAs functionality in Powershell script

I have a PowerShell script that will extract an IP address and output the current user logged on, but only if I use the domain service account by using Run-As, i.e. Shift+Right-Click on cmd.exe and invoke PowerShell, etc.

~~~BUT~~~

This PowerShell code will be invoked by an external third-party software program that is not running in the context of the domain service account, which means I have to incorporate it into the script.

I am puzzled as to how to do this.

So far, I have been reading "Powershell Tip - Storing and Using Password Credentials" and "PowerShell ASP: Using Invoke-Command with New-PSSession" (sorry I am unable to include the links)

These pages explain:

1. Store password in a separate file

PS C:\> read-host -assecurestring | convertfrom-securestring | out-file C:\cred.txt

2. Draw password back into script

PS C:\> $password = get-content C:\cred.txt | convertto-securestring

3. Create credential object

PS C:\> $credentials = new-object -typename System.Management.Automation.PSCredential -argumentlist "myusername",$password

But I am just not sure how I use this to make the script run in the context of these user credentials when they are invoked by the third-party software.

FYI, here is the PowerShell code so far:

# Parse "key=value" command-line arguments into a hashtable
$line_array = @()
$multi_array = @()
[hashtable]$my_hash = @{}
foreach ($i in $args){
   $line_array+= $i.split(" ")
}
foreach ($j in $line_array){
    $multi_array += ,@($j.split("="))
}
foreach ($k in $multi_array){
    $my_hash.add($k[0],$k[1])
}
$Sender_IP = $my_hash.Get_Item("sender-ip")
$eventList = @()
# Read logon events (ID 4624) from the remote Security log, keeping entries
# whose SID string is longer than 10 characters and whose account name does
# not end in "$" (machine accounts)
Get-EventLog "Security" -computername $Sender_IP `
    | Where -FilterScript {$_.EventID -eq 4624 -and $_.ReplacementStrings[4].Length -gt 10 -and $_.ReplacementStrings[5] -notlike "*$"} `
    | Select-Object -First 2 `
    | foreach-Object {
        $row = "" | Select UserName, LoginTime
        $row.UserName = $_.ReplacementStrings[5]
        $row.LoginTime = $_.TimeGenerated
        $eventList += $row
        }
# Output the user name from the most recent matching logon
$userId = $eventList[0].UserName
$userId

It can be invoked with

PS D:\script> .\FOO.ps1 sender-ip=10.2.3.3 sender-name=joe
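
As an added example that is not part of the original post: one way to wire the three stored-credential steps into the event query. It swaps in Get-WinEvent because that cmdlet accepts -Credential, which Get-EventLog does not; the file path, the account name `DOMAIN\svc_account` and the function names are placeholders.

```powershell
# Added example: path, account name and function names are placeholders.
$CredFile = 'C:\cred.txt'
$UserName = 'DOMAIN\svc_account'   # hypothetical service account

function Save-ServicePassword {
    # Run once, interactively, logged on as the account the third-party
    # program runs under, on the same computer. Without -Key,
    # ConvertFrom-SecureString uses DPAPI, so only that user on that
    # machine can decrypt the file again.
    param([string]$Path = $CredFile)
    Read-Host -Prompt 'Service account password' -AsSecureString |
        ConvertFrom-SecureString |
        Out-File -FilePath $Path
}

function Get-ServiceCredential {
    param([string]$Path = $CredFile, [string]$User = $UserName)
    try {
        $secure = Get-Content -Path $Path -ErrorAction Stop |
            ConvertTo-SecureString -ErrorAction Stop
    } catch {
        # Typical cause: the file was created by a different user or machine.
        throw "Cannot decrypt $Path as $env:USERNAME on $($env:COMPUTERNAME): $_"
    }
    New-Object -TypeName System.Management.Automation.PSCredential `
        -ArgumentList $User, $secure
}

function Get-LastLogonUser {
    param([string]$ComputerName, [pscredential]$Credential)
    # Same filter as the original script: event 4624, a SID string longer
    # than 10 characters, and no machine accounts (names ending in $).
    Get-WinEvent -ComputerName $ComputerName -Credential $Credential `
        -FilterHashtable @{ LogName = 'Security'; Id = 4624 } -MaxEvents 200 |
        Where-Object {
            ([string]$_.Properties[4].Value).Length -gt 10 -and
            $_.Properties[5].Value -notlike '*$'
        } |
        Select-Object -First 1 |
        ForEach-Object { $_.Properties[5].Value }
}

# Usage inside the script the third-party program calls:
# $cred = Get-ServiceCredential
# Get-LastLogonUser -ComputerName $Sender_IP -Credential $cred
```

Restrict the NTFS permissions on the credential file to the calling account; DPAPI stops other users from decrypting it, but anything running as that same account on that machine can recover the password.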

