I want to install a service with a GPO at the user logon (so it is deployed with elevated administrator rights) and with a domain admin account.
So, I have encrypted the password on the network in a txt file... Below my method to encryt it (for information I use PowerGUI Pro Script Editor with the specified account below and as administrator) :
Read-Host"Enter a login : domain\toto"
Read-Host-prompt"Enter the password"-AsSecureString |ConvertFrom-SecureString |out-file\\x.x.x.x\share\cred.txt
I obtain a code in my text file like 01000000d08c9ddf0115d1118c7a00c04fc297eb010000008c5e....... etc...
Below the script which create and start the service:
$Login="domain\toto"
$Password=Get-Content"\\x.x.x.x\share\cred.txt " |ConvertTo-SecureString
$Credential=New-Object-typenameSystem.Management.Automation.PSCredential-ArgumentList$Login,$Password
$Cible="."
$WebService=Get-Service |where {$_.displayname-like"My Service"}
if (!($WebService))
{icm-ComputerName$Cible-ScriptBlock {
& c:\windows\system32\sc.exe create"My Service " binpath= c:\windows\system32\srvany.exe Displayname=" My Service " start= auto
& c:\windows\system32\sc.exe description"My Service""Service TEST."
& Reg Add"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\My Service \Parameters" /v "Application" /d"C:\tmp\My Service.exe"
& c:\windows\system32\sc.exestart"My Service" }-credential$credential>>c:\tmp\log.log }
srvany.exe and "My Service.exe" are copied on the correct directory before, by another script...
When I log myself on another computer, using a domain user account, the script prompts me to enter a domain\login and password...????
Image may be NSFW.
Clik here to view.
If I type the correct information, the service installs it and correctly runs...
Someone can tell me what I do wrong ? Thanks in advance for your help ! :)
