Powershell – How to run an elevated powershell script as part of VMWare Customization Specification

command-line-interface, permissions, powershell, scripting, vmware-esxi

Background / Goal

I have a VMWare template that I am deploying and I am using VMWare's "customization specifications" to perform many of the sysprep tasks.

The last thing I need to accomplish is the silent install of several applications in sequence. I have a PowerShell script that does this, but it only works when elevated.

VMWare has a "Run Once" feature as part of its customization specifications. Ideally, I'd like to use this to call the PowerShell script in an elevated manner so it will run when I logon for the first time as an Administrator.

What I've Tried / Problems

  • I tried calling PsExec -s from the Run Once command, and had PsExec call the powershell. Unfortunately, PsExec needs to run in an elevated command line, so this doesn't work out.

Question

It occurs to me that this might not be possible. Am I thinking about it wrong? Should I instead be authoring a remote PS1 and running it against the machine that's created? This is doable but I wanted to try to automate things as much as possible and remove any confusion for people besides me who may want to deploy.

Best Answer

Taken from http://poshcode.org/695

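function elevate-process
{
    # First argument is the executable; any remaining arguments are joined into one string.
    $file, [string]$arguments = $args;
    $psi = new-object System.Diagnostics.ProcessStartInfo $file;
    $psi.Arguments = $arguments;
    # The "runas" verb asks Windows to start the process elevated (this triggers the UAC prompt).
    $psi.Verb = "runas";
    [System.Diagnostics.Process]::Start($psi);
}

elevate-process [full path to your process here]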

What @Tony Roth said. If VMware's own customization process is run with elevated privileges then all its child processes should do so too, so launching a PowerShell script there should run with the associated processes.

If not then I don't know a way of elevating without interaction. That's kind of the point of the elevation system. The code above will elevate a process from a non-admin to an admin userspace; however, you will have to click past UAC. I use this in my builds.

Startup contains the Elevate-Process script that simply calls the main script. As the machine starts after first boot it kicks this off, you click on OK on the UAC and it completes the rest with admin privileges.

As an alternative perhaps disable UAC in your initial build and then include code to re-enable it at the end of the build?

This looks like it will help with that but note I haven't used it.
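
A self-check the install script itself could start with, so it behaves correctly whether or not Run Once launches it elevated: it tests the current token, relaunches itself through the same runas verb if needed, and logs each installer's exit code. This is an added example, not part of the original answer; the installer paths, arguments and log file name are hypothetical, and it assumes PowerShell 3.0 or later.

```powershell
# Added example; installer paths, arguments and the log file name are hypothetical.
# Assumes PowerShell 3.0+ ($PSCommandPath, -notin) and that this file is the install script.
$LogFile = Join-Path $env:TEMP 'first-logon-install.log'

function Write-Log([string]$Message) {
    "{0:u} {1}" -f (Get-Date), $Message | Add-Content -Path $LogFile
}

function Test-IsElevated {
    # Under UAC, an administrator's filtered (non-elevated) token is NOT in the
    # Administrators role, so this returns $true only for an elevated process.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

if (-not (Test-IsElevated)) {
    Write-Log 'Not elevated; relaunching with the runas verb (UAC prompt expected).'
    try {
        Start-Process -FilePath 'powershell.exe' -Verb RunAs `
            -ArgumentList "-NoProfile -File `"$PSCommandPath`""
    } catch {
        # Start-Process throws if the UAC prompt is declined or cannot be shown.
        Write-Log "Elevation failed: $($_.Exception.Message)"
        exit 1
    }
    exit 0   # the elevated copy carries on from here
}

Write-Log 'Running elevated.'
$installers = @(
    @{ Path = 'C:\Deploy\app1-setup.exe'; Arguments = '/S' },                       # hypothetical
    @{ Path = 'msiexec.exe'; Arguments = '/i "C:\Deploy\app2.msi" /qn /norestart' } # hypothetical
)
foreach ($item in $installers) {
    # -Wait keeps the installs strictly sequential; -PassThru exposes the exit code.
    $proc = Start-Process -FilePath $item.Path -ArgumentList $item.Arguments -Wait -PassThru
    Write-Log "$($item.Path) exited with code $($proc.ExitCode)"
    # 0 = success, 3010 = success with reboot required (Windows Installer convention).
    if ($proc.ExitCode -notin 0, 3010) {
        Write-Log 'Stopping: installer reported failure.'
        exit $proc.ExitCode
    }
}
```

The log makes it easy to confirm after first logon whether the script started elevated or had to prompt, which answers the question of how Run Once launched it on a given template.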