Credentioal PSDrive

This topic contains 5 replies, has 2 voices, and was last updated by Profile photo of ohlssrog ohlssrog 3 days, 14 hours ago.

  • Author
    Posts
  • #73046
    Profile photo of ohlssrog
    ohlssrog
    Participant

    Have a windows 2012 R2 there users need to mapp a share on a remote server through unc path.
    want to use New-PSDrive cmdlet. ave tried with.

    New-PSDrive -Name "Z" -PSProvider FileSystem -Root "\\server\share" -Persist
    But get access denied on that share, so have to add in some credential to this, have tried with

    New-PSDrive -Name "Z" -PSProvider FileSystem -Root "\\upi503\root" -Persist -Credential $cred

    Here i got a login window and it work to map the drive if fill in the cred, but i want to use the credential the user have login with to the server so they dont have to login to the share . the users have permission on the share. (still get access denied)

    Is where any way i can add this to the script?

  • #73049
    Profile photo of Don Jones
    Don Jones
    Keymaster

    New-PSDrive already uses the current logon credentials by default, if you don't provide a credential. If that's not working, double-check the share permissions and double-check the current user (run "whoami").

    For example, if you've run the shell As Administrator, that may be your problem in this instance, because it would attempt to use that credential rather than the one you logged onto Windows with. Running WhoAmI will let you verify who the shell thinks you are.

    Or, use NET USE instead and see if that works.

    • #73057
      Profile photo of ohlssrog
      ohlssrog
      Participant

      i forgot to add in that the script must run as administrator and map the drive, application that need this mapped drive runs as administrator in windows to work. The user i run the shell with have permission on the share

      i run the
      New-PSDrive -Name "Z" -PSProvider FileSystem -Root "\\server\share" -Persist

      Output

      New-PSDrive : Access is denied
      At line:1 char:1
      + New-PSDrive -Name "Z" -PSProvider FileSystem -Root "\\server\share" -Persist
      + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      + CategoryInfo : InvalidOperation: (Z:PSDriveInfo) [New-PSDrive], Win32Exception
      + FullyQualifiedErrorId : CouldNotMapNetworkDrive,Microsoft.PowerShell.Commands.NewPSDriveCommand

  • #73060
    Profile photo of Don Jones
    Don Jones
    Keymaster

    Ah, That is a good extra detail ;).

    There is no safe way to do that. What you're asking is a way to provide Administrator credentials – which you would have to do in a way that anyone could read – to someone who is not an Administrator. Just write down the Admin credentials on a Post-It Note and hang it in the break room ;).

    Sorry, but there's just no secure way to do this. PowerShell deliberately makes it difficult because there's no safe way to do it – it's a bad security practice.

  • #73153
    Profile photo of ohlssrog
    ohlssrog
    Participant

    I have a bat file that open the PS shell as administrator like this and then run the PS1 script like obove.

    @echo off
    NET SESSION 1>NUL 2>NUL
    IF %ERRORLEVEL% EQU 0 GOTO ADMINTASKS
    CD %~dp0
    MSHTA "javascript: var shell = new ActiveXObject('shell.application'); shell.ShellExecute('%~nx0', ", ", 'runas', 0); close();"
    EXIT

    :ADMINTASKS

    powershell -file "c:\install\map_root.ps1"

    EXIT

    • #73291
      Profile photo of ohlssrog
      ohlssrog
      Participant

      just want to inform u that i solve this with above bat file and the map_root.ps1 file is edited like

      New-PSDrive -Name "Z" -PSProvider FileSystem -Root "\\sever\share" -Persist -Credential $cred

      With this users have to login to the share. (same cred as their are login as to the server)

You must be logged in to reply to this topic.