Comissha Posted January 3, 2019 Posted January 3, 2019 Our technical support AD credentials have changed passwords and now we are getting hundreds of machines trying to login with the configured AD account PowerShell User Impersonation credentials…locking the technician accounts. These machines are spread out at 19 separate locations and over 600 miles, at remote locations. How do we remotely modify the Runtime PowerShell user credentials on those machines? I have tried uninstalling and then reinstalling, but it absorbs the previous configuration…including the former PowerShell User credentials….I also tried calling tech support but was sent to voicemail. Help! Local Setings where credentials were entered: Remote Settings, no ability to enter or modify PowerShell User:
Staff Chris Posted February 5, 2019 Staff Posted February 5, 2019 Hi @Comissha, I would suggest you to configure the PowerShell impersonation on one of your monitored systems manually and then you might use the PowerShell script to configure it on other required systems: At first you will need to copy the value for the following registry keys and then use them in the following script: PowerShellUserImpersonation PowerShellUserImpersonationDomain PowerShellUserImpersonationPassword PowerShellUserImpersonationPasswordCtrl PowerShellUserImpersonationUsername Set-ItemProperty -Path "HKLM:\Software\MMSOFT Design\PC Monitor" -Name "PowerShellUserImpersonation" -Value "value here" Set-ItemProperty -Path "HKLM:\Software\MMSOFT Design\PC Monitor" -Name "PowerShellUserImpersonationDomain" -Value "value here" Set-ItemProperty -Path "HKLM:\Software\MMSOFT Design\PC Monitor" -Name "PowerShellUserImpersonationPassword" -Value "value here" Set-ItemProperty -Path "HKLM:\Software\MMSOFT Design\PC Monitor" -Name "PowerShellUserImpersonationPasswordCtrl" -Value "value here" Set-ItemProperty -Path "HKLM:\Software\MMSOFT Design\PC Monitor" -Name "PowerShellUserImpersonationUsername" -Value "value here" Comissha 1
Staff Chris Posted March 27, 2019 Staff Posted March 27, 2019 Hi @Comissha, My mistake, the batch script should do this. REG ADD "HKLM\Software\MMSOFT Design\PC Monitor" /v PowerShellUserImpersonation /t REG_SZ /d value_here /f REG ADD "HKLM\Software\MMSOFT Design\PC Monitor" /v PowerShellUserImpersonationDomain /t REG_SZ /d value_here /f REG ADD "HKLM\Software\MMSOFT Design\PC Monitor" /v PowerShellUserImpersonationPassword /t REG_SZ /d value_here /f REG ADD "HKLM\Software\MMSOFT Design\PC Monitor" /v PowerShellUserImpersonationPasswordCtrl /t REG_SZ /d value_here /f REG ADD "HKLM\Software\MMSOFT Design\PC Monitor" /v PowerShellUserImpersonationUsername /t REG_SZ /d value_here /f
David Posted August 10, 2019 Posted August 10, 2019 Hi @Chris, How would you set the "PowerShellUserImpersonationPassword" and "PowerShellUserImpersonationPasswordCtrl" across multiple hosts? You would need to use the same admin password across all hosts? I'm guessing these are a hash result and hash function input? Thanks,
Staff Chris Posted August 26, 2019 Staff Posted August 26, 2019 Hi @David, If the name for the user and password for the Powershell Impersonation is different on each system, then you will need to configure it manually on each system. And yes - the credentials are encrypted, but this encryption is not unique for each system, therefore if the credentials are the same, then you can copy these keys from one system to another.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now