I’m testing an install of Microsoft patches using Install-MSUpdates.
I login as “greg” as a non privileged user.
I run PowerShell as user “admin-greg” with admin rights.
I run the install and it submits a task to install the patches. The username it uses is the user I logged into “greg”. The install fails due to lack of privileges. I want it to submit the task as “admin-greg” which will have the privs to install the patches. Is there a way I can do this other than to logoff user “greg” and login user “admin-greg”?
In Windows 7 and up, a regular user is blocked from creating Scheduled Tasks (Security thing)
And a Scheduled Task running elevated (with “Admin-Greg” for example) is blocked from creating Scheduled Tasks (Security thing, again)
Most people use a tool like SCCM (AKA MECM) to launch installations on multiple computers.
Are you using something like that?
Thank you for the reply!
Yes, I’m using SCCM. I was just running the script to debug.
I’m running Powershell as an admin user so I have the privs. What I’m seeing is that its submitting the job as the user that I logged in with, not the user where the powershell command runs.
It does submit the task. But it’s using my non-prived user when It submits it. I was wondering if there was a way to get it to submit the job under the username where it runs.
-Greg
Why do your Windows updates need to be installed as a user? (Elevated or not)
Most (all?) people launch installs in SCCM as SYSTEM. Updates and applications.
Thanks for the reply. SCCM will eventually install them as SYSTEM. I was just testing the .ps1 script before I deployed it via SCCM.
-Greg
Test the PS1 with an elevated account.
Do not waste your time with an unelevated account.
Then test WITH SCCM as SYSTEM.
Things run a bit different under SYSTEM