Running quser.exe in PowerShell scripts works in IDE but not when running as a service
If I run the following snippet in a console window or in ISE it works as expected, listing the active user sessions on the local computer:
(Invoke-Expression "$env:windir\system32\quser.exe") -replace '\s{2,}', ',' | ConvertFrom-Csv
Unfortunately this is not a console application, rather a PowerShell script that is installed as a service. The service runs as LocalSystem (not LocalService). When the service attempts to run this code it outputs the following error:
The term 'C:\Windows\system32\quser.exe' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
I contacted Sapien support and was informed that A service runs with no profile and does not have execution access to the system folders. You need to give the service account execution access to the exe and its support DLLs as well as using the full path to the EXE.
I have proven (I think) that the security principal has access to quser. I used PSExen to open a PowerShell console running as LocalSystem and successfully ran the quser application:
The issue MUST be that I'm running as a service. Does anyone know how I can access/use QUser in a service?
I guess the real question would be, how can services running as LocalSystem execute applications in system folders?
My guess is that whatever tool you are using to run your PowerShell script as a service is 32-bit, and there is not a quser.exe in C:\Windows\SysWOW64.
If this is the case, you can probably work around this on a 64-bit OS by running C:\Windows\Sysnative\quser.exe (see File System Redirector in the documentation for details).
If that's the case, I would say that the information you got ("service runs with no profile and does not have execution access to the system folders") is simply incorrect.
- How to truncate text in string after/before separator in PowerShell
- Pipe complete array-objects instead of array items one at a time?
- How to add a property to Azure table storage row with Azure Powershell module
- PowerShell Start-Job Working Directory
- How to share variable value from a reusable to its caller workflow
- Write-Output with no BOM
- Convert Dictionary to xml with proper format?
- Redirect powershell output and errors to console (in real-time) and to a variable
- ConvertTo-JSON an array with a single item
- How to take a file with 2 columns and compare the first column to a CSV and update the CSV to the second column data in PowerShell?
- AzurePowerShell@5 not working with Az.Resources 6.16.0
- How do I use Format-Table without truncation of values?
- Powershell missing path
- Are pipeline variables available in PowerShell task in Azure DevOps?
- Powershell 5.1.16299.1146 Get-ADGroupMember An operations error occurred
- Edit Windows Terminal profiles settings JSON from PowerShell
- Multiple foreground colors in PowerShell in one command
- How to make sure a file used by a steppable pipeline is closed even in case of an exception?
- How can i remove signing from Powershell?
- How to declare an unsigned 32-bit integer?
- How to preserve new lines from command output printed out using Write-Host in PowerShell?
- PowerShell IISAdministration: use of "-Confirm" parameter
- SQLite querying using embedded C#
- How to delete all lines AFTER and INCLUDING a certain string?
- How to end server in VSCode after closing terminal window
- Creating file on remote directory using MemoryStream, WinSCP and PowerShell
- Correct Way To Escape Quotes In PowerShell Command Run From Command Line?
- How to run a PowerShell script
- Is it possible to override the Getter/Setter functions in a powershell 5 class?
- Can't get all excel processes to stop when closing through Powershell