• State Verified Answer
  • Locked Locked
  • Replies 11 replies
  • Subscribers 32 subscribers
  • Views 845 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

SAM 6.2 Powershell Script Monitor Run As has no effect

martinforster

Hello,

i want to run a Powershell script on the poller Server, under a specific account.

However it looks like that the script is always executed as System not as the specified user.

verified with the

whoami executeable

and the

[System.Environment]::UserName

Does anyone have experience with that ?

Below is excerpt from the debug log ...

Thanks

Martin

2015-05-18 11:57:39,613 [STP SmartThreadPool Thread #2] [C9501] DEBUG SolarWinds.APM.Logging.ApmJobContextInfo - Reseting thread log data

2015-05-18 11:56:28,311 [STP SmartThreadPool Thread #2] [C9501] DEBUG SolarWinds.APM.Probes.MonitorJob - Monitor test starting - ComponentId: 9501; NodeId: 348; NodeName: Servername; ApplicationId: 106; ComponentName: CRL Lifetime; ComponentType: SolarWinds.APM.Probes.PowerShellProbe, SolarWinds.APM.Probes, Version=6.2.0.1080, Culture=neutral, PublicKeyToken=null; CustomLogEnabled: True; TestSessionId: 5568bdbf-a84b-495d-9fa8-f1d50720f15e;

2015-05-18 11:56:28,327 [STP SmartThreadPool Thread #2] [C9501] DEBUG SolarWinds.APM.Probes.MonitorJob - Current process: SWJobEngineWorker2x64 (PID 39828)

2015-05-18 11:56:28,327 [STP SmartThreadPool Thread #2] [C9501] DEBUG SolarWinds.APM.Probes.MonitorJob - Using new credentials prestagroup\pgsmonadm

2015-05-18 11:56:28,327 [STP SmartThreadPool Thread #2] [C9501] DEBUG SolarWinds.APM.Probes.Script.PowerShellScriptHelper - Impersonating execution user:username, domain:mydomain agentExecutionMode:False

2015-05-18 11:56:28,342 [STP SmartThreadPool Thread #2] [C9501] DEBUG SolarWinds.APM.Probes.Script.PowerShellScriptHelper - Creating local runspace

2015-05-18 11:56:28,436 [STP SmartThreadPool Thread #2] [C9501] DEBUG SolarWinds.APM.Probes.Script.PowerShellScriptHelper - PS Runspace opened [id:7f2975f7-f57f-4393-b25c-c3a8ca998b4e,uri:http://10.58.8.213:5985/wsman]

2015-05-18 11:56:28,436 [STP SmartThreadPool Thread #2] [C9501] DEBUG SolarWinds.APM.Probes.Script.PowerShellScriptHelper - Processing macros: 40 variables processed

2015-05-18 11:56:28,436 [STP SmartThreadPool Thread #2] [C9501] DEBUG SolarWinds.APM.Probes.Script.PowerShellScriptHelper - Number of script arguments: 1

2015-05-18 11:57:39,613 [STP SmartThreadPool Thread #2] [C9501] DEBUG SolarWinds.APM.Probes.PowerShellProbe -

Begin PowerShell Execute Result: ================================

Target: 10.58.8.213

Script:      ====================================================

    Write-Host "Message.BaseCRL: NO CA found with the provided CA Name of $server executed as user $([System.Environment]::UserName)";

Output:      ====================================================

Message.BaseCRL: NO CA found with the provided CA Name of Servername executed as user SYSTEM

Statistic.BaseCRL: 0

Statistic.DeltaCRL: 0

Errors:      ====================================================

Result:      ====================================================

Component Evidence Type: DynamicEvidence

Component Type: None

Actual Outcome: Undefined

Registered Errors:

APM Error Code is ReturnDifferent, message: Testing on node '10.58.8.213' failed with 'Unknown' status ('Unknown' might be different if script exits with a different exit code).

Dynamic Monitor Result Info:

Outcome based on statistic thresholds: Undefined

End PowerShell Execute Result ===================================

2015-05-18 11:57:39,613 [STP SmartThreadPool Thread #2] [C9501] DEBUG SolarWinds.APM.Probes.MonitorJob - Monitor test finished - ComponentId: 9501; NodeId: 348; NodeName: Servername; ApplicationId: 106; ComponentName: CRL Lifetime; ComponentType: SolarWinds.APM.Probes.PowerShellProbe, SolarWinds.APM.Probes, Version=6.2.0.1080, Culture=neutral, PublicKeyToken=null; CustomLogEnabled: True; TestSessionId: 5568bdbf-a84b-495d-9fa8-f1d50720f15e;

  • 0

    Could you share the script you're running, as well as the application template itself? With any confidential information redacted ofc.

    From the OP , the main error you're seeing appears to be with a certificate, or lack of it. Try disabling any security on your script (for testing purposes) and see if it works.

  • 0 in reply to silverbacksays

    Agreed. It looks as though you have this component configured to use remote execution using HTTPS rather than local execution.

  • 0

    Hello,

    ok i have no way to attach a binary so i post a screenshot ...

    pastedImage_0.png

    Basically i have local execution and Run Script under the specified account.

    Thanks

  • 0 in reply to martinforster

    Could you post the script itself as well please? The 'script body' portion of the above doesn't show the whole script. On the face of it, there's nothing wrong with the settings in the template (As long as the stored credentials it pulls from the SAM credentials are correct).

  • 0 in reply to silverbacksays

    As long as the stored credentials it pulls from the SAM credentials are correct).

    The script does not retrieve any credentials.

    the Script should be executed in the context of this credentials.

    Is that not the way how it should work ?

    Regards

  • 0 in reply to martinforster

    I was referring to the credentials specified under the section 'Credential For Monitoring'. As you rightly said, the script will be executed under the security context of the credential set named 'PG.Mon.Admin'. As long as this user has sufficient rights on the target system to execute all aspects of the script, it should work as intended.

    Does your script call an executable or service? It's possible that the problem you're having is down to the service running as system, which is not uncommon, rather than the specified user account which is running the script.

  • 0 in reply to silverbacksays

    im using pspki from codeplex to access a remote PKI, it works flawless when i execute it in a interactive Powershell session.

    It do not use PSRemoteing.

    Unfortunately, i do not have the clearance of my company to publish the full script.

    when i try to get the user context of the script it returns system

    with     

         whoami.exe

         $([System.Environment]::UserName)

    and the computer account of my polling server does not have the sufficient rights.

  • 0 in reply to martinforster

    Tough one, as it's definitely down to user access rights. Could you change the user that the script runs as, temporarily, to one that has higher rights, just to confirm?

  • 0 in reply to martinforster

    Currently the impersonation you use in the script does not probably works as you expect it to work. The impersonation in SAM is currently setup to work only for new outbound connections made from the script. The "whoami", "[Environment]::UserName" nor "[System.Security.Principal.WindowsIdentity]::GetCurrent().Name" will yield you the "PG.Mon.Admin". To change this behavior you can create a feature request, to be able to select desired type of impersonation (there are like 8 of them), you can use Agent, which does use different type of impersonation and there the latter two mentioned methods will yield "PG.Mon.Admin", or you could tweak the script to receive the "PG.Mon.Admin" as input argument and pass it to the script.

  • FormerMember
    0 FormerMember

    Do you have UAC on? Earlier I noticed that agent doesn't work properly if UAC is on.

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.