Windows – Powershell service creation with ad credentials logon error

active-directorypowershellservicewindowswindows-server-2008

Powershell service creation with AD credentials issue

I use the script below to create a service running with AD credentials.

However when I run it I get an error message (also below).

If I then edit the service and enter exactly the same credentials through the services.mmc snapin it works? How can I fix this?

Error Message

Windows could not start the "SamsService" service on local computer.
Error 1069: The service did not start due to a logon failure.

Powershell

$serviceName = "SamsService"
$exePath = "c:\services\service.exe"
$userName = "mydomain\serviceuser"
$securePassword = convertto-securestring -String "1a_really_$trong_password1" -AsPlainText -Force  
$credentialsObject = new-object -typename System.Management.Automation.PSCredential -argumentlist $userName, $securePassword

New-Service -BinaryPathName $exePath -Name $serviceName -Credential $credentialsObject -DisplayName $serviceName -StartupType Manual

Best Answer

Powershell string interpolation caught me out

My password generator creates really strong passwords that always includes $

I had not recognised that the $ was being interpolated in the password string to mean a variable. After escaping the $ with ` the above code works a treat.

Related Solutions

Powershell – Kill process, then uninstall application–Can I do this with PowerShell, over 400 computers, from a txt file

While this is technically possible, there's probably a better way to go about it.

And speaking of better ways to go about it, You could do this in a GPO with a few lines of code as a startup or shutdown script, which is how I handle this. With a few more lines of code you could log the results of checking for the presence of this thing and/or uninstalling it, which would undoubtedly be useful in your compliance efforts.

If a GPO-linked startup/shutdown script's not an option for whatever reason, I think I'd use PSExec to kill the process on a list of computers read in from file and then script the uninstall in an appropriate language. Seem to me that this is a lot easier in VB, for example.

a=WshShell.RegRead("HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\UninstallString")

If a<>"" Then

WshShell.Run(a&" /S"),1,True
i=i+1

end if

(Goodbye Google Toolbar, in that example which I wrote or copied a few years back. Copied, probably. I am rather lazy.)

Without debugging the PS script you copied, I'd point out that you might be running a different PS version, different PS modules installed/loaded and/or there might be some dependencies that your XP machines don't have in place that's causing problems.

Powershell – Create Project Web Application Site With Powershell

I finally found the solution on my own. Turns out, during the removal process, I had not removed and recreated the Application Pool for the Project Service Application...this is a needed step when doing this process through Powershell (and, according to Microsoft, the example on TechNet don't work, because they don't mention this needed step).

So, Prior to Step 1 above, you need to run:

New-SPServiceApplicationPool  -Name "MS Project App Pool" -Account "[admin account]"

And this also elminates the need for Step #2 above...after recreating the Application Pool, the -Proxy switch on the command in Step 1 successfully created the Proxy.