There are three main ways to run a command as a different user in Powershell, besides the classing Right click shift. This article will show you how to do that, within the same Powershell session.
By the same Powershell session, I mean something like this:
- You’re logged on as ITDroplets\UserA.
- You have a powershell script/console running as UserA.
- Within that powershell script/console, you want to run a command as ITDroplets\UserB.
In the Options below, I will consider the above example and I will run “Get-Process Explorer” as UserB. This is very handy when running elevated commands, for instance when UserA is a standard user account and UserB has local admin rights. Of course, Get-Process Explorer doesn’t really need elevation 🙂
Remember that the examples are super concentrated, which means I didn’t add any check to see if the command ran successfully etc. They’re there as pure examples, you can then shape them to fit your needs.
Option 1 – System.Diagnostics.ProcessStartInfo
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
#Get UserB credential $Credential = Get-Credential itdroplets\UserB #Use System.Diagnostics to start the process as UserB $ProcessInfo = New-Object System.Diagnostics.ProcessStartInfo #With FileName we're basically telling powershell to run another powershell process $ProcessInfo.FileName = "powershell.exe" #CreateNoWindow helps avoiding a second window to appear whilst the process runs $ProcessInfo.CreateNoWindow = $true #Note the line below contains the Working Directory where the script will start from $ProcessInfo.WorkingDirectory = $env:windir $ProcessInfo.RedirectStandardError = $true $ProcessInfo.RedirectStandardOutput = $true $ProcessInfo.UseShellExecute = $false #The line below is basically the command you want to run and it's passed as text, as an argument $ProcessInfo.Arguments = "Get-Process Explorer" #The next 3 lines are the credential for UserB, as you can see, we can't just pass $Credential $ProcessInfo.Username = $Credential.GetNetworkCredential().username $ProcessInfo.Domain = $Credential.GetNetworkCredential().Domain $ProcessInfo.Password = $Credential.Password #Finally start the process and wait for it to finish $Process = New-Object System.Diagnostics.Process $Process.StartInfo = $ProcessInfo $Process.Start() | Out-Null $Process.WaitForExit() #Grab the output $GetProcessResult = $Process.StandardOutput.ReadToEnd() #Print the Job results $GetProcessResult |