User and ADM credentials in phase of one PS script?

Greetings all!

I have a migration capture that works perfectly for the capture side. It is just a bunch of .bat files and they do capture everything I need in under 30 seconds and very small. I have tested rolling back and while I have the issues listed below, the captures all roll back properly when run individually. Now to make it one cohesive script with split elevations to keep it easy on my Life Cycle Replacement team.

It captures specific folders and about 8 Registry Exports.

Putting the peices back all the folder peices work great. Its just on the registry side.

Some require ONLY User credentials to put in the HKCU section. Then 3 of the imports need Elevated permissions to work (like my odbc capture)

My goal is one script with a section to run with lower permissions for the customers profile so they go back in their profile specific settings and an elevated section to run the ADM portion for the leftover peices that need ADM permissions.

I do have one other peice. Each Registry import prompts for their own credentials. Is there a way to provide one login as the customer then run all the imports under those credentials provided in the first prompt? Same for the ADM side. Right now they run fine, but I have 8 login challenges for each of my 8 registry imports.

SO the goal would be one script, two credentials. the users (to roll profile specific peices) and the admin (for the rest). and it runs all the simple .bat files I have to roll

Any guidance would be greatly appreciated.


Welcome to the forum. :wave:t3:

I don’t know if you are in the right forum. This is a PowerShell forum. Even when there will be colleagues having a profund knowledge of ancient CMD/bat syntax we focus on PowerShell. :wink:

Regardless of that …

Without knowing what exactly you’re trying to backup and restore I urgently recommend NOT to tinker around with different credentials. An admin is able to access all user paths and registry keys if the target user is logged on. There are actually only 2 real registry roots - HKEY_LOCAL_MACHINE and HKEY_USERS. The others the Regedit.exe shows are actually only mappings to subkeys of the two main keys to make your life easier. And with the proper approach you can access the key for the current user (HKCU) via the main key HKEY_USERS.

Thanks. While the collection is done with batch files, I want to use power shell to do the directing. So this is a power shell question.

As for the registry, I am a 23 year vetran of IT and know my way around the registry. And what I captured and devised works perfectly. It is powershell that I am learning to embrace. :slight_smile:

Just wondering how to do it. Please look back at my questions.

  1. How to use powershell to seperate the .bat jobs into Admin and Non Admin sections with one login.
  2. How to run 8 Reg imports without being prompted for re-entry of credentials for each one.

Ihave already run the restore jobs and can run them as two seperate .bat commands, and if you provide the credentials for each reg restore it runs fine, Just looking to tune it and make it one cohesive package when one or two credentials challenges.

Sorry if I did not explain it well in my origonal question.

Sorry … but that does not mean that you did it right for 23 years. :man_shrugging:t3: I do IT for more than 23 years and I have seen colleagues making the simplest things that complicated and cumbersome I wanted to bang my head against the next wall. :roll_eyes:

Your questions sound for me actually like an

It is like you’re asking people to help you pushing your car instead of asking how to actually drive it. :man_shrugging:t3:

It depends pretty much on the general apporach. For some cmdlets you can use impersonation with their parameter -Credential. To find all cmdlets offering this opportunity you can use …

Get-Command -ParameterName Credential

The most common one to run commands or even complete script blocks locally or remotely would be

… in general … you should read the help for the cmdlets you’re about to use COMPLETELY INCLUDING THE EXAMPLES to learn how to use them. :point_up_2:t3:

I don’t know how to answer this because I can not reproduce this behaviour. You may share your code (formatted as code please) than we might be able to help you further. Depending on the task and the format you captured the settings I’d probably simply use reg.exe to import *.reg files. But if you run these import commands with the proper impersonation you will not get any credential prompt at all. :man_shrugging:t3:

You actually did I think. But I still think you’re going the wrong way with your approach though. :love_you_gesture:t3:

Another general tip: The more specific your question about a particular topic is the better we can help. The best way is allmost always to share your actual code along with error messages if there are some or along with some sample data - all this formatted as code please - to enable people willing to help you to actually reproduce your issue. You may make it as easy as possible for others to actually help you. :wink:

1 Like

Thank you for your reply. Being newer to PowerShell, I did not have any code to share (this being a PowerShell forum I did not want to share my .bat files) So being put on the hunt to where to look is perfect. I do not mind doing my own leg work, but sounds like you pointed me into a direction where I can find some answers.

As for the 23 years done right, I appreciate your cautious approach on that. I have seen some that have been in that exact example. Usually they end up being contractors as the employers realize they are not all that sharp.

I am very good at what I do, just learning a new arena. My brain does not work in scripting mode so I have been resisting it till now. So understanding powershell (even after having a class) is more difficult. I will get it eventually, but the switch has not “gone off” yet.

But I do realize the power of PS and that it is worth learning even though my brain resists…lol. Thanks will look into the arenas you pointed to and see if I can come up with something that I actually can share as a true powershell script and hone with the expertise I know resides here.