Fixlet with a powershell scritp to remove Win 10 1809 APP

Hello Wolrd!
This fixlet need to be run on as loca user instead of system user, because the powershell does not indentify the information over to the system user.

I would like to run this script as local user, but with my domain credentials. Can somebody help me please?

Completed extract 5743d19277059f9ccc1943ae125402fcd775364b C:\TEMP\REMOVEAPPS
Completed action parameter query “User” with description "Please enter user AD (Domaini\user):"
Completed action parameter query “Password” with description "Please enter user AD password:"
Completed override wait

Failed runas=localuser
asadmin=true
user= parameter “User” of action
password= parameter “Password” of action

     wait "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass -ExecutionPolicy Bypass -File C:\TEMP\REMOVEAPPS\removeapps.ps1

Be aware the method you are using exposes the password you are using, it is trivial to retrieve it. You’ll want to rewrite this fixlet to use Secure Parameters before doing anything else with it.

Once you have this as a Secure Parameter task, there are options for override wait that can make the script run in the user context you specify.

1 Like

thank you for the feedback I just modify the line: action parameter query secure “Secret” with description “Please enter user AD password:” Is it correct right?

bus it still not working.

@JasonWalker
My script:

extract 5743d19277059f9ccc1943ae125402fcd775364b C:\TEMP\REMOVEAPPS

action parameter query “User” with description "Please enter user AD (Domaini\user):"
action parameter query secure “Secret” with description “Please enter user AD password:”

override wait
runas=localuser
asadmin=true
user= parameter “User” of action
password= parameter “Secret” of action

wait “C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe” -ExecutionPolicy Bypass -ExecutionPolicy Bypass -File C:\TEMP\REMOVEAPPS\removeapps.ps1

@jgstew

Can you help me please? The user that we usually type is member of the local administrators group.

Are you using a secure Parameterized Fixlet (where the password prompt is an HTML textbox in the Description field, and there is a javascript using TakeSecureFixletAction() ? There’s an example at https://bigfix.me/fixlet/details/3678 , sorry if you’re already using that and I misunderstood.

I believe your syntax is mostly correct but you need to use {} to perform the relevance substitutions

user= {parameter “User” of action}
password="{parameter “Secret” of action}"
1 Like

There is no prompt like this available in actionscript. You would have to use the method that @JasonWalker mentioned and put the javascript in the description to do this.

If I put like below it is no secure?

extract 5743d19277059f9ccc1943ae125402fcd775364b C:\TEMP\REMOVEAPPS

action parameter query “User” with description "Please enter user AD (Domaini\user):"
action parameter query secure “Secret” with description “Please enter user AD password:”

override wait
runas=localuser
asadmin=true
user= parameter “User” of action
password= parameter “Secret” of action

wait “C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe” -ExecutionPolicy Bypass -ExecutionPolicy Bypass -File C:\TEMP\REMOVEAPPS\removeapps.ps1

This method does not exist:
action parameter query secure “Secret” with description “Please enter user AD password:”

The Secure Parameter Fixlet is your safe path. @JasonWalker provided the sample Fixlet on bigfix.me in the post above.

1 Like