RMTshare.exe runas

This topic contains 4 replies, has 3 voices, and was last updated by Profile photo of Ian Ian 6 months ago.

  • Author
    Posts
  • #62548
    Profile photo of Ian
    Ian
    Participant

    Hello all,
    I'm a bit of a powershell newbie, but I was hoping someone can help. I've searched the forum for anything similar but so far to no avail.
    our Eniviroment
    Powershell 2.0
    legacy domain (X1) with NAS stores for users homedrives

    WMI-object and PS remote session are block by firewall and this will not change for our legacy domain.
    At present we can view and edit manage homedrives shares via a runas cmd (using a legacy domain account) and rmtshare.
    I'm looking to automate some of our basic tasks but to do so I require to have the full UNC path of our homedrive for a specific user

    I have used the following to no avail:

    $rmtshare = "c:\rmtshare.exe"
    $testshare = "\\server\userhomedrive"
    
    $rmthome = & runas /netonly /u:X1\useraccount $rmtshare $testshare

    result $rmthome is null
    OR

    $rmthome = start-job -name share -scriptblock {& runas /netonly /u:X1\useraccount $rmtshare $testshare}
    $rmthome1 = receive-job -Name shares -Keep

    Result $rmthome1 is enter password..
    OR

    $rmthome = start-job -name share -scriptblock {& $rmtshare $testshare} -creditials X1\useraccount -runas32
    $rmthome1 = receive-job -Name shares -Keep

    Result in firewall error as it's not /netonly and authentication on local machine as it tired to create profile.

    I've also played with
    invoke-command
    Invoke-Expression -Command
    Start-process
    etc
    Hopefully someone can point me in the right direction.

  • #62551
    Profile photo of Goldy
    Goldy
    Participant

    First, what kind of NAS? If it's a Netapp, they have cmdlets.

  • #62553
    Profile photo of Ian
    Ian
    Participant

    Thanks Goldy for your reply,
    Sadly for the purpose of this script and the clients who will use it, the NAS are irrelevant and I wouldn't want to be invoking any directly against them (the script will never be persmission to do so). The aim is to check the UNC location of the user who has left the firm, confirm the homedrive UNC path is correct, delete the share (stop sharing).
    Another part of the script will rename the user folder to olduseraccount using rename-item.

    The part that is failing for me is the invoking of rmtshare.exe under another account and loading that data into a variable.
    To confirm that rmtshare works fine and as designed under a runas CMD, I just want to do the same in powershell for the purpose of automating. I also do not want to invoke the powershell session under another user, due to other changes this script will be performing and for auditing.

  • #62593
    Profile photo of Daniel Krebs
    Daniel Krebs
    Moderator

    Ian,

    Are you able to just map to the user home share from the machine were you're attempting to run rmtshare.exe?

    # Command Prompt
    net use \\server\userhomedrive Pa55w0rd /user:domain\user
    
    # PowerShell
    $creds = Get-Credential -Credential 'domain\user'
    $drive = Net-PSDrive -Name RemoteUser -PSProvider FileSystem -Root \\server\userhomedrive -Credential $creds
    

    As alternative you might be able to do the following if you're using an Admin account.

    & net use \\server\ipc$ Pa55w0rd /user:domain\fileadmin
    $output = & rmtshare.exe \\server\userhomedrive
    
  • #62617
    Profile photo of Ian
    Ian
    Participant

    Hello Daniel
    firstly thanks you for the reply
    The mapping of the drive is redundant as these are homedrive the user limit is set to 1, also mapping a drive would be raised as a red flag and beyond what we require from the script.
    I require a process that works via a cmd line and transfer it over to powershell.

    I was wondering if it's possible for powershell to invoke another session of powershell under another account, run the rmtshare.exe, load that data to a variable and have that information passed back to the first session?

    The point it appears to be failing is the prompt for password is been treated as a 'start-job' hence the receive-job is returning:
    "Enter the password for :"

    I've now tried:

    $rmthome = start-job -name Shares -scriptblock {& runas /noprofile /netonly /user:X1\useraccount powershell;
    												$Password =Pa55w0rd;
    												$Password;
    												cd c:\
    										& .\rmtshare.exe "\\server\userhomedrive"}

    but clearly this just opens an empty console.

    unless someone can advise how to get a UNC path from 'share name' natively in powershell 2.0 without wmi-object

You must be logged in to reply to this topic.