question

OliverLennox-4187 avatar image
0 Votes"
OliverLennox-4187 asked ·

using wscript.shell obj in powershell script from intune

Hi All,

odd question but I'm hoping someone might have an answer. We're working with one of our Client's suppliers who use a particularly crappy little app to monitor some equipment on site. There are about 100 sites in all with no VPN or site-to-site connectivity so the monitor app needs to be deployed at each one.

I've managed to package a w32 intune app that can deploy it out to each site, but once it's installed you also need to run this little configuration utility to configure the name/identifier for the site. After a long exchange with the developer I've found that there is no way to do this through command line arguments or file manipulation/generation and the only way is through the GUI interface. The configuration utility also needs to run with admin privileges when the users across the estate only have standard user privileges on the PCs.

Through a lot of trial and error with Powershell I've managed to create a script which can run the configuration utility and stick in all the details by using a wscript.shell object and then manipulating the window through the SendKeys() method. It's ugly and unreliable but it did work in testing and would be better than trying to get around all the sites manually (even if it only worked on 50% of them it would be a big win).

My problem is, how can I go about pushing this out with Intune so it can run on the devices? I assume that if I just create a script which runs as system then this will be in a non-interactive session and no window will be generated to manipulate. But also if I run it as the local user then the UAC prompt will appear and they won't have permissions to run it themselves.

Is there any way of running the script as system but then executing the window in the active user session? could something be rigged up with scheduled tasks? Could I run it is at user but put in some temporary admin credentials to elevate it that I could trash out afterwards? Any suggestions would be appreciated, getting around all these sites and manually doing this would be a royal pain in the arse!

many thanks in advance

windows-10-generalwindows-server-powershellmem-intune-general
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

MotoX80 avatar image
0 Votes"
MotoX80 answered ·

you also need to run this little configuration utility to configure the name/identifier for the site.

If you are talking to the developer, ask for the source code for this utility, and write your own command line program or integrate it's functionality into your own Powershell code.

You shouldn't be forced to jump through hoops to do sendkeys to make the app work. The end result is either a file or registry keys that you should be able to recreate.

·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.