Run Start-Process with the /netonly switch (type 9 logon)



Can I use the /netonly switch (type 9 logon) with Start-Process, the way I can use /netonly in the command below?

"Start-Process powershell -Credential mydomainmydomainAdmin -ArgumentList '-noprofile -command &{Start-Process notepad -verb runas}'"

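Basically, I am logged in with the Admin account, and I want to copy from some shares that MyAccount has access to. I want to use a type 9 logon (the /netonly switch) while passing the credentials.

With the following command I can do this, but I have to type the password.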

" runas /netonly /user:myadminmyaccount "robocopy source destination" "

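Please help point me in the right direction.

Using impersonation, you can do a netonly-type logon with credentials defined in the script or elsewhere, without having to type them each time.

(Note that, in contrast to this example, Write-Host will not write a different user name while impersonating. This is specifically because the new-credentials logon type (int 9) only impersonates the desired user when accessing remote resources.)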

$ImpersonationLib = Add-Type -Namespace 'Lib.Impersonation' -Name ImpersonationLib -MemberDefinition @"
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool DuplicateToken(IntPtr token, int impersonationLevel, ref IntPtr duplication);
[DllImport("kernel32.dll")]
public static extern Boolean CloseHandle(IntPtr hObject);
"@ -PassThru
[System.IntPtr]$userToken = [System.IntPtr]::Zero
$success = $ImpersonationLib::LogonUser('YourUserName',                   # UserName
                                    'DomainOrWorkstationNameIfLocal', # Domain
                                    'Password',                       # Password
                                    9,                                # New credentials-based logon (LOGON32_LOGON_NEW_CREDENTIALS)
                                    0,                                # LOGON32_PROVIDER_DEFAULT
                                    [ref]$userToken)
if ($success -eq $false)
{
     Write-Host 'Failure to execute logon user.'
     Exit
}
$Identity = New-Object Security.Principal.WindowsIdentity $userToken
# Close open handles.
if ($userToken -ne [System.IntPtr]::Zero)
{
  $null = $ImpersonationLib::CloseHandle($userToken)
  $userToken = [System.IntPtr]::Zero
}
# Current user.
Write-Host "Before impersonation: UserName: $([Security.Principal.WindowsIdentity]::GetCurrent().Name)" -ForegroundColor Cyan
# Do the impersonation.
$context = $Identity.Impersonate()
# New user.
Write-Host "After impersonation: UserName: $([Security.Principal.WindowsIdentity]::GetCurrent().Name)" -ForegroundColor Cyan

# Return to original user.
$context.Undo()
$context.Dispose()
# Old user.
Write-Host "After undoing impersonation: UserName: $([Security.Principal.WindowsIdentity]::GetCurrent().Name)"

Reference for logon types: MSDN - LogonUser function
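
A reusable form of the impersonation shown above, as an added example that is not part of the original answer: it takes a stored PSCredential instead of a literal password in the script and always reverts the thread, even when the copy fails. `Invoke-NetOnly`, the credential file name and the UNC path are assumptions made for illustration.

```powershell
# Added example; Invoke-NetOnly, the credential file and the UNC path are hypothetical.
# Needs Windows PowerShell (.NET Framework), where WindowsIdentity.Impersonate() exists.
$native = Add-Type -Namespace 'Lib.NetOnly' -Name Native -PassThru -MemberDefinition @"
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern bool LogonUser(string user, string domain, string password,
    int logonType, int logonProvider, out IntPtr token);
[DllImport("kernel32.dll")]
public static extern bool CloseHandle(IntPtr handle);
"@

function Invoke-NetOnly {
    param(
        [Parameter(Mandatory = $true)] [pscredential] $Credential,
        [Parameter(Mandatory = $true)] [scriptblock]  $ScriptBlock
    )
    $net   = $Credential.GetNetworkCredential()
    $token = [IntPtr]::Zero
    # 9 = LOGON32_LOGON_NEW_CREDENTIALS, 0 = LOGON32_PROVIDER_DEFAULT, as in the answer
    if (-not $native::LogonUser($net.UserName, $net.Domain, $net.Password, 9, 0, [ref]$token)) {
        $code = [Runtime.InteropServices.Marshal]::GetLastWin32Error()
        throw (New-Object ComponentModel.Win32Exception $code)
    }
    $identity = $null
    $context  = $null
    try {
        # WindowsIdentity duplicates the token; the original handle is closed in finally
        $identity = New-Object Security.Principal.WindowsIdentity $token
        $context  = $identity.Impersonate()
        & $ScriptBlock   # runs on this thread, so remote access uses $Credential
    }
    finally {
        # Always revert to the original identity, even when the script block throws
        if ($context)  { $context.Undo(); $context.Dispose() }
        if ($identity) { $identity.Dispose() }
        $null = $native::CloseHandle($token)
    }
}

# One-time interactive setup: Get-Credential | Export-Clixml -Path $credFile
# (the password is DPAPI-protected for the current user on this machine).
$credFile = Join-Path $env:LOCALAPPDATA 'netonly-cred.xml'
if (Test-Path $credFile) {
    Invoke-NetOnly -Credential (Import-Clixml -Path $credFile) -ScriptBlock {
        [IO.File]::Copy('\\fileserver\share\report.csv', "$env:TEMP\report.csv", $true)
    }
}
```

The copy is done in-process because a child process such as robocopy is created with the process token, not the thread's impersonation token, and so would not use these credentials. A type 9 logon does not validate the password locally, so a wrong password surfaces only as an access error when the remote share is touched.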
