Invoke-CommandAs icon indicating copy to clipboard operation
Invoke-CommandAs copied to clipboard
verified publisher icon mkellerman

Unable to submit credential objects as arguments

Open skille opened this issue 5 years ago • 6 comments

Cannot serialize the credential. If this command is starting a workflow, the credentials cannot be persisted, because the process in which the workflow is started does not have permission to seri alize credentials. -- If the workflow was started in a PSSession to the local computer, add the EnableNetworkAccess parameter to the command that created the session. -- If the workflow was started in a PSSession to a remote computer, add the Authentication parameter with a value of CredSSP to the command that created the session. Or, connect to a session conf iguration that has a RunAsUser property value. + CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Invoke-ScheduledTask + PSComputerName :

skille avatar May 28 '20 22:05 skille

Please provide an example of the code you are executing.

mkellerman avatar May 28 '20 22:05 mkellerman

I tested now again, unable to provoke the error, but still, the code does not run. Import-Module -Name Invoke-CommandAs $Credential = Get-Credential $Server = 'ServerName' Invoke-CommandAs -ComputerName $Server -AsSystem -ArgumentList $Credential -ScriptBlock { param ($Credential) $Credential.UserName } The username is not returned

This also returns nothing; Invoke-CommandAs -ComputerName $Server -AsSystem -ArgumentList $Credential -ScriptBlock { param ($Credential) Test-Path -Path $env:TEMP }

Removing the argument returns True as expected. Invoke-CommandAs -ComputerName $Server -AsSystem -ScriptBlock { Test-Path -Path $env:TEMP }

Looking besides this issue, I must say you have done an impressive job with this module!

skille avatar May 29 '20 06:05 skille

You can pass credential parameter inside this scriptblock.. too much inceptions.. lol rename it to $cred or something

mkellerman avatar May 29 '20 06:05 mkellerman

ffs! Thanks a lot ! ;) `Invoke-CommandAs -ComputerName $server -ArgumentList $Credential -ScriptBlock {

param($Cred) $Cred.username test-path $env:temp } ` Now returning both the username and True :)

Have a nice day :)

skille avatar May 29 '20 06:05 skille

Actually, I tested wrong when I closed the case. I forgot to add the -AsSystem switch. Adding it returns nothing. Invoke-CommandAs -ComputerName $ServerName -ArgumentList $Credential -AsSystem -ScriptBlock { param($Cred) $Cred.username test-path $env:temp }

skille avatar May 29 '20 08:05 skille

I worked around this problem by converting the credential objects to an base64 encoded string and back. ` $Base64Credential = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes((@{ UserName = $Credential.UserName Password = $Credential.GetNetworkCredential().Password } | ConvertTo-Json)))

Invoke-CommandAs -ComputerName $ServerName -AsSystem -ArgumentList $Base64Credential -ScriptBlock { param( $Base64Credential ) $Credential = [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($Base64Credential)) | ConvertFrom-Json $Credential = New-Object -TypeName PScredential -ArgumentList $Credential.UserName,$(ConvertTo-SecureString -String $Credential.Password -AsPlainText -Force)

$Credential

} `

skille avatar Jun 03 '20 22:06 skille