This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 73%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
I have a scheduled task running as system which creates a device and user VPN. I have copied the functional aspect of the user VPN creation from elsewhere, and don't understand enough in detail, how to adapt it to use the same or new CIMSession to open a local file as the logged on user. It needs to be the logged on user, as the file opens in the system environment at the moment and can't be seen by the logged in user. The file is a text file I would like to open using notepad.
The code I have for creating the user VPN is:
$nodeCSPURI = "./Vendor/MSFT/VPNv2"
$namespaceName = "root\cimv2\mdm\dmmap"
$className = "MDM_VPNv2_01"
$username = Gwmi -Class Win32_ComputerSystem | select username
$objuser = New-Object System.Security.Principal.NTAccount($username.username)
$sid = $objuser.Translate([System.Security.Principal.SecurityIdentifier])
$SidValue = $sid.Value
$session = New-CimSession
$options = New-Object Microsoft.Management.Infrastructure.Options.CimOperationOptions
$options.SetCustomOption("PolicyPlatformContext_PrincipalContext_Type", "PolicyPlatform_UserContext", $false)
$options.SetCustomOption("PolicyPlatformContext_PrincipalContext_Id", "$SidValue", $false)
$newInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName
$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", "$nodeCSPURI", "String", "Key")
$newInstance.CimInstanceProperties.Add($property)
$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", "$ProfileNameEscaped", "String", "Key")
$newInstance.CimInstanceProperties.Add($property)
$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ProfileXML", "$ProfileXML", "String", "Property")
$newInstance.CimInstanceProperties.Add($property)
$session.CreateInstance($namespaceName, $newInstance, $options)
$Status = "Created $ProfileName profile."
If anyone can help me with this, would you also please tell me how you decide what CIMClassname, you use to do what with PowerShell.
PeteL
I can't speak for everyone else, but I sure don't understand your question. I don't see anywhere in this code where it creates a file. I guess that you will need to develop 2 scripts, one that runs as the SYSTEM account, and another that runs as the user. The system script would need to execute and create "the file". The user script will need to execute and look for "the file" and then process it under the context of the user. It's impossible to provide a good answer without a lot more information. Maybe go back to wherever you copied the script from and ask the users there for help.
Hi MotoX80, thank you for the response.
The code I have included is the area of code that sets up the CimSession to create the VPN profile as the user. I was hoping to be able to adapt this to setup a CimSession that would allow me to run notepad and open a file as the user. I could have made this clearer.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 97%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
I haven't been able to launch notepad under a specific user session using PowerShell. I still use psexec from sisinternals.
Hi SethWH, thank you for the response. I'll investigate using psexec.
Another option, found here create-scheduled-task-run-as-logged-on-usewr Credit to Jonathan Walz. The code creates a scheduled task as the logged on user, runs the task, waits 5 seconds and deletes the task.
$action = New-ScheduledTaskAction -Execute “notepad.exe” -Argument "FileNameLocation"
$trigger = New-ScheduledTaskTrigger -AtLogOn
$principal = New-ScheduledTaskPrincipal -UserId (Get-CimInstance –ClassName Win32_ComputerSystem | Select-Object -expand UserName)
$task = New-ScheduledTask -Action $action -Trigger $trigger -Principal $principal
Register-ScheduledTask Notepad -InputObject $task
Start-ScheduledTask -TaskName Notepad
Start-Sleep -Seconds 5
Unregister-ScheduledTask -TaskName notepad -Confirm:$false