0

I have a Windows batch script that copies an EXE or batchfile to a remote fileshare and runs it on the remote server using PowerShell WinRM. The line that runs the command remotely looks like this:

ECHO Invoke-Command -Authentication CredSSP -Credential %USERDOMAIN%\%USERNAME% -ComputerName %SERVER_NAME% -ScriptBlock { cd (gwmi Win32_Share -Filter "name='%SHARE_NAME%'").Path ; .\%MY_EXE_TO_RUN% } |PowerShell.exe -Command -

I need to change the current directory to the fileshare directory where the EXE/batch file to be run is located (it relies on this). It also must be a local directory - if I try to CD \\%SERVER_NAME%\%SHARE_NAME% this works for an EXE, but fails for a batch file, cmd.exe doesn't support a UNC path as current directory. However, I also don't want to hardcode in the script the local path for the share, so I try to look it up in WMI.

This works fine for admins, but fails for non-admins with an Access denied error. These non-admin users can RDP to the server, open PowerShell and successfully run gwmi Win32_Share there. So it seems like the permissions checks are somehow different when running via WinRM!

I found http://www.adilhindistan.com/2013/10/permissions-to-access-wmi-remotely.html but it seems pretty complicated to do on many servers. I don't need remote WMI access for anything other than this. Perhaps there is another way to resolve the local path for the share? Or, alternatively, can I somehow run the WMI query and have the local permission checks applied to it? After all, I am already code on the remote server, so there should be some way to do this.

EM0
  • 351
  • 7
  • 20
  • 1
    Although `cmd` does not support UNC names as the current directory you could still use temporary drive map via [`pushd \\%SERVER_NAME%\%SHARE_NAME%`](http://ss64.com/nt/pushd.html) providing that [Command Extensions](http://ss64.com/nt/cmd.html) are enabled. Se also [SETLOCAL](http://ss64.com/nt/setlocal.html) and don't forget to [apply `popd` (remove temporary drive mapping)](http://ss64.com/nt/popd.html). – JosefZ Oct 26 '16 at 17:51
  • Brilliant, that works! The catch was that I had to call the cmd.exe pushd, not the PowerShell pushd: `ECHO Invoke-Command -Authentication CredSSP -Credential %USERDOMAIN%\%USERNAME% -ComputerName %SERVER_NAME% -ScriptBlock { cmd /c "pushd ``"\\%SERVER_NAME%\%SHARE_NAME%\%MY_SUBDIR_UNDER_SHARE%``" && ``"EXE_TO_RUN``" & popd" } |PowerShell.exe -Command -` – EM0 Oct 27 '16 at 10:12
  • Not sure how to escape backticks in a SO comment, but those double backticks were meant to be single backticks (to escape " for PowerShell). @JosefZ if you want to post this as the answer I'll accept it. – EM0 Oct 27 '16 at 10:14
  • Please take a look on my updated answer: you could use [`Push-Location` cmdlet](https://technet.microsoft.com/en-us/library/hh849855.aspx) in Powershell. – JosefZ Oct 27 '16 at 18:44
  • Thanks, I already tried that, but this fails for batch files, because then it tries to start cmd.exe with the UNC path as current directory, which fails. So it's really the cmd.exe pushd I need here, not the PowerShell pushd (alias for Push-Location). – EM0 Oct 28 '16 at 12:29

1 Answers1

1

I can give only a hint as provided code snippet appears to me slightly unclear.

Although cmd does not support UNC names as the current directory you could still use temporary drive map via pushd command providing that Command Extensions are enabled:

PUSHD: When a UNC path is specified, PUSHD will create a temporary drive map and will then use that new drive.
The temporary drive letters are allocated in reverse alphabetical order, so if Z: is free it will be used first.

pushd \\%SERVER_NAME%\%SHARE_NAME%

Do not forget to remove temporary drive mapping via applying popd command:

POPD: Change directory back to the path/folder most recently stored by the PUSHD command. POPD will also remove any temporary drive maps created by PUSHD.

See also cmd /? and SETLOCAL for more information on Command Extensions.

Update: Powershell supports UNC names as the current directory:

Push-Location \\$env:SERVER_NAME\$env:SHARE_NAME\$env:MY_SUBDIR_UNDER_SHARE
JosefZ
  • 1,514
  • 1
  • 10
  • 18