Modify terminalservicesprofilepath from machine off the domain

I can run this powershell to set the term svc path, if I’m on the domain controller, but I need to be able to run
this from a machine that’s a member of a different domain (it’s part of a student domain user creation app run on the staff domain)

cls
import-module ActiveDirectory
$user = [ ADSI ] "LDAP://CN=aaaddd.aaaddd,OU=Alaska Users,OU=Alaska,OU=XXXXX,DC=XXX,DC=XXXX,DC=org";
$user.psbase.Invokeset( "terminalservicesprofilepath", "\\ad\rds\ProfileAlaska\abab.ababf" );
$user.setinfo();

$user
$user.psbase.InvokeGet( "terminalservicesprofilepath" );

I know I wrote a script years ago that could update account names from off the domain, but I can’t find it or figure out how
I did it last time…

The powershell script will be being called from within a webApp that does the rest of character creations.

I’m an old coder, but a noob at powershell. So please feel free to include any links you think I should read to get necessary background info to understand your answer.

Thanks,

Eric-

you could use New-PSDrive to connect to the other domain see http://www.joseph-streeter.com/?p=799 then you can switch to this domain in powershell. Any commands you type in the shell will be run on the PS drive domain

Sorry, on more clarification,

How can I set the password, so this can be called from within another process?

I didn’t ass that part to keep the question focused, but I’m going to run the script from an application… so I need to embed the
user/password…

I’ll go add that to the original question…

This is what I was able to get from your link…

but I get the same error as when running on the wrong server before

cls
import-module ActiveDirectory


$Username = 'ad\xxxxTac'
$Password = 'xxxxx'
$pass = ConvertTo-SecureString -AsPlainText $Password -Force

$SecureString = $pass
# Users you password securly
$MySecureCreds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $Username,$SecureString 


if (-not(Get-PSDrive DomainServer223)) {
    #do the psdrive set up sp it runs remotely
New-PSDrive `
    –Name DomainServer223 `
    –PSProvider ActiveDirectory `
    –Server 'XXXXXXX' `
    –Credential ($MySecureCreds) `
    –Root "//RootDSE/" `
    -Scope Global
    }Else{
    "Drive already exists"
    }

cd DomainServer223:

#set the term path
$user = [ ADSI ] "LDAP://CN=aaaddd.aaaddd,OU=Alaska Users,OU=Alaska,OU=Cxxxs,DC=xx,DC=xxxx,DC=xxx";

$user.psbase.Invokeset( "terminalservicesprofilepath", "\\ad\rds\ProfileAlaska\abab.ababf" );
$user.setinfo();

$user
$user.psbase.InvokeGet( "terminalservicesprofilepath" );

Exception calling “InvokeSet” with “2” argument(s): "A referral was returned from the server.
"
At C:\Users\Brown.ericw\Documents\test termservscriptpath setter.ps1:32 char:1

  • $user.psbase.Invokeset( “terminalservicesprofilepath”, "\ad\rds\Prof …
  •   + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
      + FullyQualifiedErrorId : DotNetMethodException
    
    

The following exception occurred while retrieving member “setinfo”: "A referral was returned from the server.
"
At C:\Users\Brown.ericw\Documents\test termservscriptpath setter.ps1:33 char:1

  • $user.setinfo();
  •   + CategoryInfo          : NotSpecified: (:) [], ExtendedTypeSystemException
      + FullyQualifiedErrorId : CatchFromBaseGetMember
    
    

The following exception occurred while retrieving member “distinguishedName”: "A referral was returned from the server.
"
At :line:0 char:0

Thanks,

Eric-

It looks like I’m making the ps drive, but I’m getting the same error as before

cls
import-module ActiveDirectory

$Username = 'xxxxx'
$Password = 'xxxxxx'
$pass = ConvertTo-SecureString -AsPlainText $Password -Force

$SecureString = $pass
# Users you password securly
$MySecureCreds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $Username,$SecureString 


if (-not(Get-PSDrive DomainServer223)) {
    #do the psdrive set up sp it runs remotely
New-PSDrive `
    –Name DomainServer223 `
    –PSProvider ActiveDirectory `
    –Server 'xxxxx' `
    –Credential ($MySecureCreds) `
    –Root "//RootDSE/" `
    -Scope Global
    }Else{
    "Drive already exists"
    }

cd DomainServer223:

#set the term path
$user = [ ADSI ] "LDAP://CN=aaaddd.aaaddd,OU=Alaska Users,OU=Alaska,OU=Centers,DC=xxx,DC=xxx,DC=org";

$user.psbase.Invokeset( "terminalservicesprofilepath", "\\ad\rds\ProfileAlaska\abab.ababf" );
$user.setinfo();

$user
$user.psbase.InvokeGet( "terminalservicesprofilepath" );

the output

Drive already exists
Exception calling “InvokeSet” with “2” argument(s): "A referral was returned from the server.
"
At C:\Users\Brown.ericw\Documents\test termservscriptpath setter.ps1:32 char:1

  • $user.psbase.Invokeset( “terminalservicesprofilepath”, "\ad\rds\Prof …
  •   + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
      + FullyQualifiedErrorId : DotNetMethodException
    
    

The following exception occurred while retrieving member “setinfo”: "A referral was returned from the server.
"
At C:\Users\Brown.ericw\Documents\test termservscriptpath setter.ps1:33 char:1

  • $user.setinfo();
  •   + CategoryInfo          : NotSpecified: (:) [], ExtendedTypeSystemException
      + FullyQualifiedErrorId : CatchFromBaseGetMember
    
    

The following exception occurred while retrieving member “distinguishedName”: "A referral was returned from the server.
"
At :line:0 char:0

Thanks,

Eric-

Follow up research seems to indicate the PDrive only works with the activedirectory components not the ADSI components,
I’m guessing this is why ps-drive isnt’ have any effect on this script.

Are there any ways to make the adsi stuff correctly save across domains?

Thanks,

Eric-

The answer turned out to be using a ps-session, so that it could be wrapped in something that took a credential

https://stackoverflow.com/questions/49581128/modify-terminalservicesprofilepath-in-powershell-from-a-machine-that-is-non-a-me