Powershell running as different users

Welcome Forums General PowerShell Q&A Powershell running as different users

Viewing 3 reply threads
  • Author
    Posts
    • #269885
      Participant
      Topics: 1
      Replies: 1
      Points: 15
      Rank: Member

      Hi,

      I have a node.js application running as a service under a gMSA account. When I execute PowerShell script to get printer lists(Get-Printer) of a remote machine I don’t get the list. However, If I run the application under a different service account(which has login and password) I get a full printer’s list.  Although, the IT team said they have exact permission on the gmsA account same as the service account but some reason it’s not working. It’s taking longer to fix this issue. So, I would like to know how I can pass different credentials to get the printer’s list. Any advice or code example will be helpful. Thank you..

    • #269888
      Participant
      Topics: 0
      Replies: 10
      Points: 64
      Helping Hand
      Rank: Member

      Printers can be installed at the machine level or user.  If you need to see the user’s printers you can either do something like

      or you could also manually parse out HKU:\<USERSID>\Printers

    • #270268
      Participant
      Topics: 11
      Replies: 128
      Points: 835
      Helping Hand
      Rank: Major Contributor

      Just confirming: has the gMSA actually been installed on the target system(s)?

      How are you trying to run the app (it may have to do with the access token used when running it).

      Also, I have seen where adding the gMSA to the Local Administrators group prevents a script from running, especially in a scheduled task.

      Please post sanitized code to better assist you.

    • #270358
      Participant
      Topics: 1
      Replies: 1
      Points: 15
      Rank: Member

      Thank you guys.

      The application running as a service and you can run the service ‘logon as ‘ gmSA account or another service account.

      When the application executed PowerShell command ie get-printers -Computer it inherits all the permission of ‘logon as’ . It works with a service account but not with gmSA account. I have been told permissions has copied from the the service account to gmsA account.

      Is there any way, I can run PowerShell command by a different user in a code?

       

Viewing 3 reply threads
  • You must be logged in to reply to this topic.