Author Posts

December 7, 2016 at 8:51 am

Dear all,

I wrote PowerShell script that enumerates free space of a local disk, I tried the following two snippets of code,

$diskObject=(Get-WMIObject Win32_LogicalDisk | select DeviceID, VolumeName, FreeSpace, Size | Where-Object { $_.DeviceID -eq $volumeID + ":" })

or

#$diskObject=(Get-PSDrive $volumeID)

and then the free disk space calculation is used ,

if ( $diskObject.FreeSpace -lt ($diskObject.Size)*$spaceThreshold ) {
...

or

if ( $diskObject.Free -lt ($diskObject.Free+$diskObject.Used)*$spaceThreshold ) {
...
....

when I run the script from within ISE in the context of an account that is local administrator it works fine, however when I schedule the script to run as a scheduled task in the context of a "service" account that is a non-administrator user then the $diskObject variable contains value 0 i.e not information pertaining to the local disk I am enumerating.

I tried modifying access privileges for the non-administrator on the ROOT of the WMI namespace (wmimgmt.msc) and adding it to both Distributed COM Users and WinRMRemoteWMIUsers_ local group but so far to no avail.

Please, help :]

December 7, 2016 at 12:47 pm

The issue might be in the part of the code you're not showing. What is your actual goal? What is '$volumeID'?

December 7, 2016 at 5:36 pm

The script performs a backup of the ADCS infrastructure and one of the first checks it does is to make sure there is sufficient amount of available disk space before starting the backup procedure,

$spaceThreshold=0.3
$volumeID="D"
$diskObject=(Get-WMIObject Win32_LogicalDisk | select DeviceID, VolumeName, FreeSpace, Size | Where-Object { $_.DeviceID -eq $volumeID + ":" })

if ( $diskObject.FreeSpace -lt ($diskObject.Size)*$spaceThreshold ) {
...
...

December 7, 2016 at 7:27 pm

Have you tried scheduling the script with an account that has administrator privileges. Thats the easiest way to get the job done

December 7, 2016 at 7:33 pm

The part of the script you posted works just fine for me – even without administrative privileges.

December 7, 2016 at 8:11 pm

Hmm, that's great :]

I run the scheduled task with the following arguments,

-noninteractive -command "& 'E:\scripts\PKI_backup.ps1'"

and the non-administrator account that I run the script as is a member of BUILTIN\Backup Operators and has only Log on as batch job privileges and it is configured to run with the highest privileges, I am not sure whether maybe some GPO settings might be preventing a proper execution but it would be strange...

December 7, 2016 at 8:33 pm

Also take a look at Get-Volume

PS C:\WINDOWS\system32> Get-Volume

DriveLetter FileSystemLabel  FileSystem DriveType HealthStatus OperationalStatus SizeRemaining      Size
----------- ---------------  ---------- --------- ------------ ----------------- -------------      ----
C           Windows          NTFS       Fixed     Healthy      OK                     18.87 GB 236.22 GB
            Windows RE tools NTFS       Fixed     Healthy      OK                      1.53 GB   1.87 GB

December 7, 2016 at 8:43 pm

Still a lot to learn,

my source code structure was

variable declaration
function declaration
core code

now that I have restructured it,

function declaration
variable declaration
core code

it works :] However, I do not understand why it worked when ran from ISE in the context of a local admin with the old structure :]

December 7, 2016 at 9:30 pm

-noninteractive -command "& 'E:\scripts\PKI_backup.ps1'"

I know it works this way and I see this pretty often, but why? If I have a .ps1 file to run, why I don't take the parameter -File instead of -Command? Please don't get me wrong. I'm not complaining – I just would like to understand. Where do you get the idea to do it this way?