Forum Discussion
Trying to copy files from network share while running a remediation script in Intune
I need to copy a file from the network share to the C:\windows\temp folder, then install the software on the local machine using the proactive remediation script. All of our software installation fil...
Hi
It depends on your setup 🙂
If the nas is accessible from the "system" account it could be possible. But I guess that is going to be the mayor issue here. So you have to add some credentials to th proactive remediations and thats not cool 🙂 . You can remove them afterwards but.....
So my first advice, check if you could access the share from a system account (psexec) Another option would be to run the proactive rem as the current user, so you could access the nas, but than you also should have the proper permissions to start installing the app 🙂
It depends on your setup 🙂
If the nas is accessible from the "system" account it could be possible. But I guess that is going to be the mayor issue here. So you have to add some credentials to th proactive remediations and thats not cool 🙂 . You can remove them afterwards but.....
So my first advice, check if you could access the share from a system account (psexec) Another option would be to run the proactive rem as the current user, so you could access the nas, but than you also should have the proper permissions to start installing the app 🙂
Rudy_Ooms_MVP Ok so using psexec -s -i powershell, I tried navigating to the network share \\sharename and access denied. What exactly do you mean by adding credentials to custom remediation script? Is there a way to run script in SYSTEM context BUT retrieve the .exe from the network share and place it in the temp folder using other specified credentials?
Could I use an invoke-command to run series of commands as specified user?
$password = ConvertTo-SecureString "hello1" -AsPlainText -Force
$Cred = New-Object System.Management.Automation.PSCredential ("myUsername", $password)
$alternateUsers = [scriptblock]{
Copy-Item -Path (Join-Path -Path "\\sh.com\util\software\FreshService\2.9 Agent" -ChildPath "fs-windows-agent-2.9.0.msi") `
-Destination "$tempPath\fs-windows-agent-2.9.0.msi"
}
Invoke-Command -ScriptBlock $alternateUsers -Credential $Cred
Can something like this work? And the script still stays in the SYSTEM context just not the script block, yea?