Run OneShot tasks with dedicated user
This commit is contained in:
parent
f468804c95
commit
e6f8bdc774
1 changed files with 20 additions and 4 deletions
|
|
@ -13,6 +13,10 @@ $null = New-Module {
|
||||||
# ToDo: Store "ProgramData/PortValhalla" path somewhere as const
|
# ToDo: Store "ProgramData/PortValhalla" path somewhere as const
|
||||||
$errorPath = "$env:ProgramData/PortValhalla/error.txt";
|
$errorPath = "$env:ProgramData/PortValhalla/error.txt";
|
||||||
|
|
||||||
|
$getUserName = {
|
||||||
|
"$(Get-SetupUser)OneShot";
|
||||||
|
};
|
||||||
|
|
||||||
$taskSetter = {
|
$taskSetter = {
|
||||||
param([Nullable[OneShotTask]] $Task)
|
param([Nullable[OneShotTask]] $Task)
|
||||||
Set-SetupOption $taskOption ([string]$Task);
|
Set-SetupOption $taskOption ([string]$Task);
|
||||||
|
|
@ -56,12 +60,23 @@ $null = New-Module {
|
||||||
#>
|
#>
|
||||||
function Enable-OneShotListener {
|
function Enable-OneShotListener {
|
||||||
$tempTask = "PortValhalla Temp";
|
$tempTask = "PortValhalla Temp";
|
||||||
$action = New-ScheduledTaskAction -Execute "pwsh" -Argument ([string](Get-StartupArguments));
|
$user = & $getUserName;
|
||||||
|
$password = [string]([guid]::NewGuid());
|
||||||
|
|
||||||
|
$adminGroup = @{
|
||||||
|
SID = [SecurityIdentifier]::new([WellKnownSidType]::BuiltinAdministratorsSid, $null);
|
||||||
|
};
|
||||||
|
|
||||||
|
$null = New-LocalUser -Name $user -Password (ConvertTo-SecureString -AsPlainText $password);
|
||||||
|
Add-LocalGroupMember -Member $user @adminGroup;
|
||||||
|
$path = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList";
|
||||||
|
$null = New-Item -Force -ErrorAction SilentlyContinue $path;
|
||||||
|
Set-ItemProperty $path -Name $user -Value 0;
|
||||||
|
|
||||||
|
$action = New-ScheduledTaskAction -Execute "pwsh" -Argument "-Command & { $([string](Get-StartupCommand)) } 2>&1 | Tee-Object -FilePath `$env:ProgramData/PortValhalla/OneShotTask.log";
|
||||||
schtasks /Create /SC ONEVENT /EC $logName /MO "*[System[Provider[@Name='$logName'] and EventID=$($oneShotTrigger)]]" /TR cmd.exe /TN $tempTask;
|
schtasks /Create /SC ONEVENT /EC $logName /MO "*[System[Provider[@Name='$logName'] and EventID=$($oneShotTrigger)]]" /TR cmd.exe /TN $tempTask;
|
||||||
$trigger = (Get-ScheduledTask $tempTask).Triggers;
|
$trigger = (Get-ScheduledTask $tempTask).Triggers;
|
||||||
$principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -RunLevel Highest;
|
$null = Register-ScheduledTask -Force $oneShotTaskName -Action $action -Trigger $trigger -RunLevel Highest -User $user -Password $password;
|
||||||
$task = New-ScheduledTask -Action $action -Principal $principal -Trigger $trigger;
|
|
||||||
$null = Register-ScheduledTask -Force $oneShotTaskName -InputObject $task;
|
|
||||||
$null = Unregister-ScheduledTask -Confirm:$false $tempTask;
|
$null = Unregister-ScheduledTask -Confirm:$false $tempTask;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -71,6 +86,7 @@ $null = New-Module {
|
||||||
#>
|
#>
|
||||||
function Disable-OneShotListener {
|
function Disable-OneShotListener {
|
||||||
Unregister-ScheduledTask -Confirm:$false $oneShotTaskName;
|
Unregister-ScheduledTask -Confirm:$false $oneShotTaskName;
|
||||||
|
Remove-LocalUser (& $getUserName);
|
||||||
}
|
}
|
||||||
|
|
||||||
<#
|
<#
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue