I needed to adjust NTFS folder security using powershell on a remote folder. The user was ‘LOCAL Service’. The command contains the ` character, it’s a escape key for having double quotes inside a string. Interesting way of powershell handling that. Better than VBScript and Chr(34) etc..
param
(
[String] $MachineName
)
$cmd=”cmd /c C:windowssystem32icacls.exe E:WWWLogsW3SVC1 /grant `”NT AuthorityLOCAL SERVICE:(OI)(CI)(M)`””
$server=$MachineName
#$user=”domainuserName”
#$pass=”p@ssw0rd“
$process = [WMIClass]”\$serverROOTcimv2:Win32_Process“
#$process.psbase.Scope.Options.userName=$user
#$process.psbase.Scope.Options.Password=$pass
#$process.psbase.Scope.Options.Impersonation = [System.Management.ImpersonationLevel]::Impersonate
#$process.psbase.Scope.Options.Authentication = [System.Management.AuthenticationLevel]::PacketPrivacy
$process.Create($cmd)
# get process id and returnValue
$process.ProcessId
$process.ReturnValue
One thing I couldn’t get around was the command line arguments. When I tried to launch powershell remotely using
$cmd=”powershell C:windowssystem32icacls.exe E:WWWLogsW3SVC1 /grant `”NT AuthorityLOCAL SERVICE:(OI)(CI)(M)`””, it wouldn’t work.
I had to revert using cmd.exe to handle the process. If a powershell guru know how to do that, please post.
Happy Powershelling.
Steve
Hi Steve, this worked for me:
$cmd = “powershell -noprofile “”& icacls.exe c:test /grant ‘NT AuthorityLOCAL SERVICE:(OI)(CI)(M)’”””
$process = [WMIClass]”\$serverROOTcimv2:Win32_Process”
$process.create($cmd)
Hi Shay,
Excellent! I’ll give this a try today and see if I’m able to execute a powershell command remotely.