Last post Nov 02, 2017 07:06 AM by Cathy Zou
Nov 01, 2017 01:26 PM|dubsdj|LINK
I'm using this code to run powershell scripts server side via a c sharp internal website. It works to a point when I run powershell commands like get-service, ping and so on...
But if I try and run a script that does something useful like: Stop-Computer -computername "my-pc" -force, it does nothing. If i log onto the physical server and run that same command it works fine. Is there a security reason that it does not allow me to
do this? I'm assuming that is the reason and it would make sense, however I am interested to know if there is a workaround?
public partial class Default : System.Web.UI.Page
protected void Page_Load(object sender, EventArgs e)
//receive command from session variable
String psCommand = Session["psCommand"].ToString();
// Initialize PowerShell
var shell = PowerShell.Create();
// Add the script to the PowerShell object
// Execute the script
var results = shell.Invoke();
if (results.Count > 0)
var builder = new StringBuilder();
foreach (var psObject in results)
builder.Append(psObject.BaseObject.ToString() + "\r\n");
//store results in session and redirect to HAL for processing
Session["results"] = Server.HtmlEncode(builder.ToString());
Nov 01, 2017 02:35 PM|bbcompent1|LINK
Hi, you need to either sign the code of your script using a certificate or you'll need to set the execution policy to none. Here are a couple links explaining how to do that plus a detail on PowerShell's execution policy.
Nov 01, 2017 02:44 PM|dubsdj|LINK
if i run the command from the server hosting the local website it works fine.
but if i run it via the c sharp script it does nothing.
i checked the client and execution policy is set to remote-signed.
Nov 01, 2017 06:43 PM|dubsdj|LINK
From what I've been researching, I am thinking that it has something to do with IIS permissions. A powershell script that would shut down a remote computer would require an administrator privilege (Which would make sense). The reason it works when I open
powershell on the physical server is likely because I am logged in as the administrator.
The web server does not have any open ports on the firewall so its local only. Nethertheless I still I don't think adding the administrator to the defaultapppool would be a good idea really, I wouldn't do that.
Is there a way of getting credentials via a pop up, like when you use $getcredentials in powershell? Because it is running on the web server the client wouldn't get the pop up box to enter credentials. It would be great if there was a safe way of doing this
as it would open up so many possibilities from an automation point of view.
open to ideas if anyone has any
Nov 02, 2017 07:06 AM|Cathy Zou|LINK
From your description, you want to have a get getcredentials popup up when page load
It is impossible because you application is web application which host in IIS.
So, I suggest you could try run power shell script as administrate from c sharp.
You could try the solution in the following threads.
If the solution above didn’t work for you, you must adding the administrator to the defaultapppool.