Jump to content

As non LOCAL SYSTEM


David-
 Share

Recommended Posts

  • 2 weeks later...
  • 8 months later...

I have been unable to get the vast majority of my powershell scripts to run. Scripts that run with no issues when run locally. Many that do not require admin access.

I have tried running them without power shell user impersonation enabled.

I have attempted creating and using an ID that is part of the administrator group.

Enabling the administrator ID than using it as ps user impersonation.

I've verified user impersonation settings in registry are correct.

No errors are being registered in pulseway.

I am testing on a system that does not have a domain. So I have left that field blank. Just in case I attempted to fill it with the system name a few times.

My ultimate goal would be to use the administrator to run commands. I am willing to accept running as a user that is part of the admin group.

An example of a script I am certain works, but now through pulseway.

## Enable Storage Sense
## Ensure the StorageSense key exists
$key = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\StorageSense"
If (!(Test-Path "$key")) {
    New-Item -Path "$key" | Out-Null
}
If (!(Test-Path "$key\Parameters")) {
    New-Item -Path "$key\Parameters" | Out-Null
}
If (!(Test-Path "$key\Parameters\StoragePolicy")) {
    New-Item -Path "$key\Parameters\StoragePolicy" | Out-Null
}

## Set Storage Sense settings
## Enable Storage Sense
Set-ItemProperty -Path "$key\Parameters\StoragePolicy" -Name "01" -Type DWord -Value 1

## Set 'Run Storage Sense' to Every Week
Set-ItemProperty -Path "$key\Parameters\StoragePolicy" -Name "2048" -Type DWord -Value 7

## Enable 'Delete temporary files that my apps aren't using'
Set-ItemProperty -Path "$key\Parameters\StoragePolicy" -Name "04" -Type DWord -Value 1

## Set 'Delete files in my recycle bin if they have been there for over' to 14 days
Set-ItemProperty -Path "$key\Parameters\StoragePolicy" -Name "08" -Type DWord -Value 1
Set-ItemProperty -Path "$key\Parameters\StoragePolicy" -Name "256" -Type DWord -Value 30

## Set 'Delete files in my Downloads folder if they have been there for over' to 60 days
#Set-ItemProperty -Path "$key\Parameters\StoragePolicy" -Name "32" -Type DWord -Value 1
#Set-ItemProperty -Path "$key\Parameters\StoragePolicy" -Name "512" -Type DWord -Value 60

## Set value that Storage Sense has already notified the user
Set-ItemProperty -Path "$key\Parameters\StoragePolicy" -Name "StoragePoliciesNotified" -Type DWord -Value 1

 

Link to comment
Share on other sites

  • Staff

Hi @David-,

From your script I can see that you are trying to set the HKCU registry keys which are for the currently user account, therefore in order to set these keys for the required user account the powershell impersonation is required. If it is not configured, the the HKCU keys will be set for the System account and it will not affect the required user session.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...