Kaseya Community

Use Credential not working as I expect - help?

  • I have a PowerShell script, called by a Kaseya script, that needs to be run as the user specified in Set Credential.  (It does some looking through directories and so it needs to have the appropriate credentials to read to the NTFS folders.)  I'm kind of stuck because while the script runs and behaves as expected, but it doesn't work because it's not running as the correct user.  It should run as the Administrator (which is what was set under Set Credential), but instead it runs as the user that the Kaseya Agent runs as.  I can run the script directly on the machine as the correct user and it does work.  So, I added a "Use Credential" to my Kaseya script, but a whoami run by the PowerShell script reports (NT Authority\System) which is the user that the Kaseya Agent runs as.  Am I missing something obvious, is there a trick to Use Credential, or is this a bug?  I've put in a support ticket, but hoping maybe someone else has encountered this and knows the answer?

     

     

      <?xml version="1.0" encoding="utf-8" ?>
    - <ScriptExport xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.kaseya.com/vsa/2008/12/Scripting">
    - <Procedure name="Acronis Backup Verifier" treePres="3" id="1813476166">
    - <Body description="Verify Acronis Backups">
    - <Statement description="Write the selected file to the machine at the path specified - full path required." name="WriteFile" continueOnFail="false" osType="Windows">
      <Parameter xsi:type="StringParameter" name="Path" value="C:\temp\TestFileLib.ps1" />
      <Parameter xsi:type="StringParameter" name="ManagedFile" value="runscripts\backups\TestFileLib.ps1" />
      <Parameter xsi:type="BooleanParameter" name="DeleteAfter" value="False" />
      </Statement>
    - <Statement description="Ensure powershell can run local scripts" name="SetRegistryValue" continueOnFail="false" osType="Windows">
      <Parameter xsi:type="StringParameter" name="RegistryPath" value="HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell\ExecutionPolicy" />
      <Parameter xsi:type="StringParameter" name="Value" value="Unrestricted" />
      <Parameter xsi:type="EnumParameter" name="DataType" value="String" />
      </Statement>
      <Statement description="Use the user logon credentials set for the machine ID to execute a file or shell command - Windows 2000 and above only." name="UseCredential" continueOnFail="false" osType="Windows" />
      <Statement description="Attempts to return results of a shell command to a global variable '#global:cmdresults#'" name="Execute Shell Command - Get Results to Variable" continueOnFail="true" />
    - <Statement description="Delete the specified file - full path to the filename required." name="DeleteFile" continueOnFail="false" osType="Windows">
      <Parameter xsi:type="StringParameter" name="Path" value="c:\temp\testfilelib.ps1" />
      </Statement>
      </Body>
      </Procedure>
      </ScriptExport>

     

  • Check the "Execute as" option, you would want to use the "Execute as the logged on user" option with the "Use Credential. Your Agent Credentials should be either a local admin or a domain admin that has local permissions. Also there is an "Impersonate user" option that you could try.

  • Thanks, HardKnoX - I was setting Use as System account in the script.  It's working properly when I set it as Execute as the Logged on user.  I didn't think that one through.  Appreciate the help!